Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 584
Alerts This Week
Warning Icon 1 584

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 745 articles for you...
202

openSUSE 15.6 Kernel Important Security Update 2026-1274-1 Fixes Issues

An update that solves five vulnerabilities and has two security fixes can now be installed.. # Security update for the Linux Kernel (Live Patch 19 for SUSE Linux Enterprise 15 SP6) Announcement ID: SUSE-SU-2026:1274-1 Release Date: 2026-04-11T20:04:33Z Rating: important References: * bsc#1256780 * bsc#1257238 * bsc#1258051 * bsc#1258183 * bsc#1258784 * bsc#1259896 * bsc#1259962 Cross-References: * CVE-2025-71120 * CVE-2026-22999 * CVE-2026-23074 * CVE-2026-23111 * CVE-2026-23209 CVSS scores: * CVE-2025-71120 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71120 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22999 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-22999 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-22999 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23074 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23074 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23111 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23111 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23111 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities and has two security fixes can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.84 fixes various security issues The following security issues were fixed: * CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780). * CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238). * CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051). * CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258183). * CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784). The following non security issue was fixed: * Fix NULL pointer dereference in smb2_query_server_interfaces Livepatch for to restore a null check of server-> ops-> query_server_interfaces that was dropped by mistake. (bsc#1259896 bsc#1259962). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1274=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1274=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_84-default-debuginfo-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_84-default-3-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_19-debugsource-3-150600.2.1 * SUSE Linux Enterprise Live Patching15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_84-default-debuginfo-3-150600.2.1 * kernel-livepatch-6_4_0-150600_23_84-default-3-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_19-debugsource-3-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-71120.html * https://www.suse.com/security/cve/CVE-2026-22999.html * https://www.suse.com/security/cve/CVE-2026-23074.html * https://www.suse.com/security/cve/CVE-2026-23111.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://bugzilla.suse.com/show_bug.cgi?id=1256780 * https://bugzilla.suse.com/show_bug.cgi?id=1257238 * https://bugzilla.suse.com/show_bug.cgi?id=1258051 * https://bugzilla.suse.com/show_bug.cgi?id=1258183 * https://bugzilla.suse.com/show_bug.cgi?id=1258784 * https://bugzilla.suse.com/show_bug.cgi?id=1259896 * https://bugzilla.suse.com/show_bug.cgi?id=1259962 . An important security patch for openSUSE 15.6 Kernel addresses several vulnerabilities. Immediate installation is advised.. openSUSE Kernel Security Fix Important Update Vulnerabilities Patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 13, 2026 Important OpenSUSE
217

Oracle Linux 7 ELSA-2026-50100 Kernel Important Security Advisory

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50100 http://linux.oracle.com/errata/ELSA-2026-50100.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-5.4.17-2136.352.5.el7uek.x86_64.rpm kernel-uek-container-5.4.17-2136.352.5.el7uek.x86_64.rpm kernel-uek-container-debug-5.4.17-2136.352.5.el7uek.x86_64.rpm kernel-uek-debug-5.4.17-2136.352.5.el7uek.x86_64.rpm kernel-uek-debug-devel-5.4.17-2136.352.5.el7uek.x86_64.rpm kernel-uek-devel-5.4.17-2136.352.5.el7uek.x86_64.rpm kernel-uek-doc-5.4.17-2136.352.5.el7uek.noarch.rpm kernel-uek-tools-5.4.17-2136.352.5.el7uek.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-5.4.17-2136.352.5.el7uek.src.rpm Related CVEs: CVE-2025-39964 CVE-2025-40022 CVE-2025-40083 CVE-2025-40211 CVE-2025-40248 CVE-2025-40254 CVE-2025-40259 CVE-2025-40263 CVE-2025-40264 CVE-2025-40271 CVE-2025-40275 CVE-2025-40277 CVE-2025-40280 CVE-2025-40281 CVE-2025-40283 CVE-2025-40304 CVE-2025-40308 CVE-2025-40309 CVE-2025-40321 CVE-2025-40322 CVE-2025-40331 CVE-2025-40363 CVE-2025-68185 CVE-2025-68192 CVE-2025-68194 CVE-2025-68229 CVE-2025-68241 CVE-2025-68245 CVE-2025-68312 CVE-2025-68734 Description of changes: [5.4.17-2136.352.5] - crypto: af_alg - Fix incorrect boolean values in af_alg_ctx (Eric Biggers) [Orabug: 38879907] {CVE-2025-40022} [5.4.17-2136.352.4] - arm64: pensando: Must boot Ortano kernel with spin-table (Rob Gardner) [Orabug: 38821197] [5.4.17-2136.352.3] - net/sched: adjust device watchdog timer to detect stopped queue at right time (Praveen Kumar Kannoju) [Orabug: 38340278] - net/mlx5: Mark the mellanox graceful_period fix as out-of-tree change (Praveen Kumar Kannoju) [Orabug: 38252416] - infiniband/xsigo: Replace BUG_ON with WARN_ON_ONCE. (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xsvnic_main: Remove unused functions (Siddh Raman Pant) [Orabug: 38418469] -infiniband/xsigo: xve_cm: Fix mixed code warning (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xve_ethtool: Remove unused variable 'priv' (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xve_ib: Fix misleading indentation (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xve_ib: Fix mixed code warning (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xve_verbs: Remove unused label 'out_free_pd' (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xve_main: Remove unused function 'xve_napi_del' (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xve_main: Fix mixed code warning (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xve_main: Fix misleading indentation (Siddh Raman Pant) [Orabug: 38418469] - inifinibad/xsigo: xsvnic_main: Remove unused variable 'xsvnic_ethtool_ops' (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xscore_impl: Remove unused label 'err_pd' (Siddh Raman Pant) [Orabug: 38418469] - rds: Fix jiffies type in struct rds_conn_path (Siddh Raman Pant) [Orabug: 38418727] - kernel: sysctl: Remove unused variable 'zero' (Siddh Raman Pant) [Orabug: 38418727] - crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (Herbert Xu) [Orabug: 38537469] {CVE-2025-39964} - RDMA/cm: Base cm_id destruction timeout on CMA values (Håkon Bugge) [Orabug: 38753622] - x86/its: Build fails with CONFIG_MITIGATION_ITS=n (Alexandre Chartre) [Orabug: 38756954] [5.4.17-2136.352.2] - LTS tag: v5.4.302 (Sherry Yang) - Input: pegasus-notetaker - fix potential out-of-bounds access (Seungjin Bae) - Input: remove third argument of usb_maxpacket() (Vincent Mailhol) - usb: deprecate the third argument of usb_maxpacket() (Vincent Mailhol) - fs/proc: fix uaf in proc_readdir_de() (Wei Yang) [Orabug: 38737034,38786776,38787139] {CVE-2025-40271} - pmdomain: imx: Fix reference count leak in imx_gpc_remove (Miaoqian Lin) - pmdomain: arm: scmi: Fix genpd leak on provider registration failure (Sudeep Holla) - net: netpoll: fix incorrect refcounthandling causing incorrect cleanup (Breno Leitao) [Orabug: 38773510] {CVE-2025-68245} - net: qede: Initialize qede_ll_ops with designated initializer (Nathan Chancellor) - net: ethernet: ti: netcp: Standardize knav_dma_open_channel to return NULL on error (Nishanth Menon) - ALSA: usb-audio: fix uac2 clock source at terminal parser (René Rebe) - mm/page_alloc: fix hash table order logging in alloc_large_system_hash() (Isaac J. Manjarres) - kconfig/nconf: Initialize the default locale at startup (Jakub Horký) - kconfig/mconf: Initialize the default locale at startup (Jakub Horký) - vsock: Ignore signal/timeout on connect() if already established (Michal Luczaj) [Orabug: 38730612] {CVE-2025-40248} - s390/ctcm: Fix double-kfree (Aleksei Nikiforov) - net: openvswitch: remove never-working support for setting nsh fields (Ilya Maximets) [Orabug: 38730650] {CVE-2025-40254} - mlxsw: spectrum: Fix memory leak in mlxsw_sp_flower_stats() (Zilin Guan) - MIPS: Malta: Fix !EVA SOC-it PCI MMIO (Maciej W. Rozycki) - scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show() (Hamza Mahfooz) [Orabug: 38773441] {CVE-2025-68229} - scsi: sg: Do not sleep in atomic context (Bart Van Assche) [Orabug: 38730664] {CVE-2025-40259} - Input: cros_ec_keyb - fix an invalid memory access (Tzung-Bi Shih) [Orabug: 38730681] {CVE-2025-40263} - be2net: pass wrb_params in case of OS2BMC (Andrey Vatoropin) [Orabug: 38730691] {CVE-2025-40264} - isdn: mISDN: hfcsusb: fix memory leak in hfcsusb_probe() (Abdun Nihaal) [Orabug: 38798908] {CVE-2025-68734} - EDAC/altera: Use INTTEST register for Ethernet and USB SBE injection (Niravkumar L Rabara) - EDAC/altera: Handle OCRAM ECC enable after warm reset (Niravkumar L Rabara) - spi: Try to get ACPI GPIO IRQ earlier (Hans de Goede) - ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (Chuang Wang) [Orabug: 38773496] {CVE-2025-68241} - strparser: Fix signed/unsigned mismatch bug (Nate Karstens) - gcov: add support for GCC 15 (Peter Oberparleiter) - mm/ksm: fix flag-dropping behaviorin ksm_madvise (Jakub Acs) - ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd (Haein Lee) [Orabug: 38737052] {CVE-2025-40275} - drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (Ian Forbes) [Orabug: 38737061] {CVE-2025-40277} - ASoC: cs4271: Fix regulator leak on probe failure (Xu Wang) - regulator: fixed: fix GPIO descriptor leak on register failure (Xu Wang) - regulator: fixed: use dev_err_probe for register (Chris Morgan) - Bluetooth: L2CAP: export l2cap_chan_hold for modules (Pauli Virtanen) - net_sched: limit try_bulk_dequeue_skb() batches (Eric Dumazet) - net_sched: remove need_resched() from qdisc_run() (Eric Dumazet) - net/mlx5e: Fix wraparound in rate limiting for values above 255 Gbps (Gal Pressman) - net/mlx5e: Fix maxrate wraparound in threshold between units (Gal Pressman) - net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (Ranganath V N) - wifi: mac80211: skip rate verification for not captured PSDUs (Benjamin Berg) - net: mdio: fix resource leak in mdiobus_register_device() (Csaba Buday) - tipc: Fix use-after-free in tipc_mon_reinit_self(). (Kuniyuki Iwashima) [Orabug: 38737084] {CVE-2025-40280} - tipc: simplify the finalize work queue (Xin Long) - sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto (Eric Dumazet) [Orabug: 38737091] {CVE-2025-40281} - sctp: get netns from asoc and ep base (Xin Long) - Bluetooth: 6lowpan: Don't hold spin lock over sleeping functions (Pauli Virtanen) - Bluetooth: 6lowpan: fix BDADDR_LE vs ADDR_LE_DEV address type confusion (Pauli Virtanen) - Bluetooth: 6lowpan: reset link-local header on ipv6 recv path (Pauli Virtanen) - Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF (Raphael Pinsonneault-Thibeault) [Orabug: 38737104] {CVE-2025-40283} - net: fec: correct rx_bytes statistic for the case SHIFT16 is set (Wei Fang) - ASoC: max98090/91: fixed max98091 ALSA widget powering up/down (Sharique Mohammad) - HID: quirks: avoid Cooler Master MM712 dongle wakeup bug(Tristan Lobb) - NFS4: Fix state renewals missing after boot (Joshua Watt) - compiler_types: Move unused static inline functions warning to W=2 (Peter Zijlstra) - extcon: adc-jack: Cleanup wakeup source only if it was enabled (Krzysztof Kozlowski) - tracing: Fix memory leaks in create_field_var() (Zilin Guan) - net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup (Qendrim Maxhuni) [Orabug: 38773283] {CVE-2025-68192} - sctp: Prevent TOCTOU out-of-bounds write (Stefan Wiehler) [Orabug: 38747447] {CVE-2025-40331} - sctp: Hold RCU read lock while iterating over address list (Stefan Wiehler) - net: dsa: b53: stop reading ARL entries if search is done (Jonas Gorski) - net: dsa: b53: fix enabling ip multicast (Jonas Gorski) - net: dsa: b53: fix resetting speed and pause on forced link (Jonas Gorski) - net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325 (Álvaro Fernández Rojas) - net: dsa/b53: change b53_force_port_config() pause argument (Russell King) - net: vlan: sync VLAN features with lower device (Hangbin Liu) - ceph: add checking of wait_for_completion_killable() return value (Viacheslav Dubeyko) - fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (Albin Babu Varghese) [Orabug: 38737182] {CVE-2025-40304} - ACPI: property: Return present device nodes only on fwnode interface (Sakari Ailus) - 9p: sysfs_init: don't hardcode error to ENOMEM (Randall P. Embry) - 9p: fix /sys/fs/9p/caches overwriting itself (Randall P. Embry) - fs/hpfs: Fix error code for new_inode() failure in mkdir/create/mknod/symlink (Yikang Yue) - ACPICA: Update dsmethod.c to get rid of unused variable warning (Saket Dumbre) - orangefs: fix xattr related buffer overflow... (Mike Marshall) - page_pool: Clamp pool size to max 16K pages (Dragos Tatulea) - Bluetooth: bcsp: receive data only if registered (Ivan Pravdin) [Orabug: 38737213] {CVE-2025-40308} - Bluetooth: SCO: Fix UAF on sco_conn_free (Luiz Augusto von Dentz) [Orabug: 38737224] {CVE-2025-40309} - net: macb: avoid dealing with endianness inmacb_set_hwaddr() (Théo Lebrun) - nfs4_setup_readdir(): insufficient locking for -> d_parent-> d_inode dereferencing (Al Viro) [Orabug: 38773245] {CVE-2025-68185} - NFSv4.1: fix mount hang after CREATE_SESSION failure (Anthony Iliopoulos) - NFSv4: handle ERR_GRACE on delegation recalls (Olga Kornievskaia) - remoteproc: qcom: q6v5: Avoid handling handover twice (Stephan Gerhold) - sparc/module: Add R_SPARC_UA64 relocation handling (Koakuma) - net: intel: fm10k: Fix parameter idx set but not used (Brahmajit Das) - jfs: fix uninitialized waitqueue in transaction manager (Shaurya Rane) - jfs: Verify inode mode when loading from disk (Tetsuo Handa) - ipv6: np-> rxpmtu race annotation (Eric Dumazet) - usb: xhci: plat: Facilitate using autosuspend for xhci plat devices (Krishna Kurapati) - usb: mon: Increase BUFF_MAX to 64 MiB to support multi-MB URBs (Forest Crossman) - allow finish_no_open(file, ERR_PTR(-E...)) (Al Viro) - scsi: lpfc: Define size of debugfs entry for xri rebalancing (Justin Tee) - scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET (Justin Tee) - selftests/Makefile: include $(INSTALL_DEP_TARGETS) in clean target to clean net/lib dependency (Nai-Chen Cheng) - net/cls_cgroup: Fix task_get_classid() during qdisc run (Yafang Shao) - selftests: Replace sleep with slowwait (David Ahern) - selftests: Disable dad for ipv6 in fcnal-test.sh (David Ahern) - media: redrat3: use int type to store negative error codes (Rong Qianfeng) - net: sh_eth: Disable WoL if system can not suspend (Niklas Söderlund) - phy: cadence: cdns-dphy: Enable lower resolutions in dphy (Harikrishna Shenoy) - usb: gadget: f_hid: Fix zero length packet transfer (William Wu) - net: call cond_resched() less often in __release_sock() (Eric Dumazet) - ALSA: usb-audio: apply quirk for MOONDROP Quark2 (Cryolitia Pukngae) - net: nfc: nci: Increase NCI_DATA_TIMEOUT to 3000 ms (Juraj Šarinay) - dmaengine: dw-edma: Set status for callback_result (Devendra K Verma) - dmaengine: mv_xor: match alloc_wc and free_wc (RosenPenev) - dmaengine: sh: setup_xref error handling (Thomas Andreatta) - scsi: pm8001: Use int instead of u32 to store error codes (Rong Qianfeng) - mips: lantiq: xway: sysctrl: rename stp clock (Aleksander Jan Bajkowski) - mips: lantiq: danube: add missing device_type in pci node (Aleksander Jan Bajkowski) - mips: lantiq: danube: add missing properties to cpu node (Aleksander Jan Bajkowski) - media: fix uninitialized symbol warnings (Chelsy Ratnawat) - drm/amdkfd: Tie UNMAP_LATENCY to queue_preemption (Amber Lin) - extcon: adc-jack: Fix wakeup source leaks on device unbind (Krzysztof Kozlowski) - PCI/P2PDMA: Fix incorrect pointer usage in devm_kfree() call (Sungho Kim) - net: Call trace_sock_exceed_buf_limit() for memcg failure with SK_MEM_RECV. (Kuniyuki Iwashima) - net: When removing nexthops, don't call synchronize_net if it is not necessary (Christoph Paasch) - char: misc: Does not request module for miscdevice with dynamic minor (Zijun Hu) - usb: gadget: f_ncm: Fix MAC assignment NCM ethernet (Raub Camaioni) - iio: adc: spear_adc: mask SPEAR_ADC_STATUS channel and avg sample before setting register (Rodrigo Gobbi) - media: imon: make send_packet() more robust (Tetsuo Handa) [Orabug: 38773298] {CVE-2025-68194} - net: ipv6: fix field-spanning memcpy warning in AH output (Charalampos Mitrodimas) [Orabug: 38773141] {CVE-2025-40363} - bridge: Redirect to backup port when port is administratively down (Ido Schimmel) - powerpc/eeh: Use result of error_detected() in uevent (Niklas Schnelle) - x86/vsyscall: Do not require X86_PF_INSTR to emulate vsyscall (Kirill A. Shutemov) - media: pci: ivtv: Don't create fake v4l2_fh (Laurent Pinchart) - drm/amdkfd: return -ENOTTY for unsupported IOCTLs (Geoffrey Mcrae) - selftests/net: Ensure assert() triggers in psock_tpacket.c (Wake Liu) - selftests/net: Replace non-standard __WORDSIZE with sizeof(long) * 8 (Wake Liu) - PCI: Disable MSI on RDC PCI to PCIe bridges (Marcos Del Sol Vives) - drm/nouveau: replace snprintf() with scnprintf() in nvkm_snprintbf() (SeyedimanSeyedarab) - mfd: madera: Work around false-positive -Wininitialized warning (Arnd Bergmann) - mfd: stmpe-i2c: Add missing MODULE_LICENSE (Alexander Stein) - mfd: stmpe: Remove IRQ domain upon removal (Alexander Stein) - tools/power x86_energy_perf_policy: Prefer driver HWP limits (Len Brown) - tools/power x86_energy_perf_policy: Enhance HWP enable (Len Brown) - tools/cpupower: Fix incorrect size in cpuidle_state_disable() (Kaushlendra Kumar) - hwmon: (dell-smm) Add support for Dell OptiPlex 7040 (Armin Wolf) - uprobe: Do not emulate/sstep original instruction when ip is changed (Jiri Olsa) - clocksource/drivers/vf-pit: Replace raw_readl/writel to readl/writel (Daniel Lezcano) - video: backlight: lp855x_bl: Set correct EPROM start for LP8556 (Svyatoslav Ryhel) - tee: allow a driver to allocate a tee_device without a pool (Amirreza Zarrabi) - ACPICA: dispatcher: Use acpi_ds_clear_operands() in acpi_ds_call_control_method() (Hans de Goede) - mmc: sdhci-msm: Enable tuning for SDR50 mode for SD card (Sarthak Garg) - irqchip/gic-v2m: Handle Multiple MSI base IRQ Alignment (Christian Bruel) - arc: Fix __fls() const-foldability via __builtin_clzl() (Kees Cook) - cpufreq/longhaul: handle NULL policy in longhaul_exit (Dennis Beier) - selftests/bpf: Fix bpf_prog_detach2 usage in test_lirc_mode2 (Ricardo B. Marlière) - ACPI: video: force native for Lenovo 82K8 (Mario Limonciello) - memstick: Add timeout to prevent indefinite waiting (Jiayi Li) - mmc: host: renesas_sdhi: Fix the actual clock (Biju Das) - bpf: Don't use %pK through printk (Thomas Weißschuh) - spi: loopback-test: Don't use %pK through printk (Thomas Weißschuh) - soc: qcom: smem: Fix endian-unaware access of num_entries (Jens Reidel) - usb: gadget: f_fs: Fix epfile null pointer access after ep enable. (Owen Gu) - serial: 8250_dw: handle reset control deassert error (Artem Shimko) - serial: 8250_dw: Use devm_add_action_or_reset() (Andy Shevchenko) - serial: 8250_dw: Use devm_clk_get_optional() to get the input clock (Andy Shevchenko) - can: gs_usb: increasemax interface to U8_MAX (Celeste Liu) - devcoredump: Fix circular locking dependency with devcd-> mutex. (Maarten Lankhorst) - net: ravb: Enforce descriptor type ordering (Lad Prabhakar) - x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID (Babu Moger) - wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode (Gokul Sivakumar) [Orabug: 38737292] {CVE-2025-40321} - net: phy: dp83867: Disable EEE support as not implemented (Emanuele Ghidoli) - regmap: slimbus: fix bus_context pointer in regmap init calls (Alexey Klimov) - drm/etnaviv: fix flush sequence logic (Tomeu Vizoso) - usbnet: Prevents free active kevent (Lizhi Xu) [Orabug: 38773784] {CVE-2025-68312} - wifi: ath10k: Fix memory leak on unsupported WMI command (Loic Poulain) - ASoC: qdsp6: q6asm: do not sleep while atomic (Srinivas Kandagatla) - fbdev: valkyriefb: Fix reference count leak in valkyriefb_init (Miaoqian Lin) - fbdev: pvr2fb: Fix leftover reference to ONCHIP_NR_DMA_CHANNELS (Florian Fuchs) - fbdev: bitblit: bound-check glyph index in bit_putcs* (Junjie Cao) [Orabug: 38737301] {CVE-2025-40322} - ACPI: video: Fix use-after-free in acpi_video_switch_brightness() (Yuhao Jiang) [Orabug: 38687005] {CVE-2025-40211} - fbdev: atyfb: Check if pll_ops-> init_pll failed (Daniel Palmer) - net: usb: asix_devices: Check return value of usbnet_get_endpoints (Miaoqian Lin) - btrfs: use smp_mb__after_atomic() when forcing COW in create_pending_snapshot() (Filipe Manana) - x86/bugs: Fix reporting of LFENCE retpoline (David Kaplan) - net/sched: sch_qfq: Fix null-deref in agg_dequeue (Xiang Mei) [Orabug: 38597085] {CVE-2025-40083} [5.4.17-2136.352.1] - RDMA/cm: Rate limit destroy CM ID timeout error message (Håkon Bugge) [Orabug: 38753401] - soc/pensando: giglio: hack dts to make things right (Rob Gardner) [Orabug: 38688154] - soc/pensando: Add AMD Pensando Giglio SoC support (Brad Larson) [Orabug: 38688154] - soc/pensando: psci support (David Clear) [Orabug: 38688154] - soc/pensando: Giglio SoC eMMCinterrupt driver (Brad Larson) [Orabug: 38688154] [5.4.17-2136.351.3] - Reapply "cpuidle: menu: Avoid discarding useful information" (Harshvardhan Jha) [Orabug: 38715366] - fbcon: fix integer overflow in font allocation (Samasth Norway Ananda) [Orabug: 38702507] - uek-rpm: Replace check-kabi tool with kabi (Yifei Liu) [Orabug: 38673382] - uek-rpm: Introduce check function for uek-rpm/tools/kabi (Yifei Liu) [Orabug: 38673382] [5.4.17-2136.351.2] - uek-rpm: kabi: Remove the kabi protection for debug kernels (Yifei Liu) [Orabug: 38609548] - rds: Add smp_rmb before reading c_destroy_in_prog (Håkon Bugge) [Orabug: 38352486] - uio_hv_generic: Set event for all channels on the device (Long Li) - ata: libata-scsi: Fix system suspend for a security locked drive (Niklas Cassel) - HID: quirks: work around VID/PID conflict for 0x4c4a/0x4155 (Zhang Heng) [5.4.17-2136.351.1] - scsi: megaraid_sas: Fix concurrent access to ISR between IRQ polling and real interrupt (Sumit Saxena) [Orabug: 38630482] [5.4.17-2136.350.3] - net/rds: Fix rs_recv_pending counting issue (Gerd Rausch) [Orabug: 38506370] [5.4.17-2136.350.2] - LTS tag: v5.4.301 (Alok Tiwari) - net: rtnetlink: fix module reference count leak issue in rtnetlink_rcv_msg (Zhengchao Shao) - media: s5p-mfc: remove an unused/uninitialized variable (Arnd Bergmann) - NFSD: Fix last write offset handling in layoutcommit (Sergey Bashirov) - NFSD: Minor cleanup in layoutcommit processing (Sergey Bashirov) - padata: Reset next CPU when reorder sequence wraps around (Xiao Liang) - KEYS: trusted_tpm1: Compare HMAC values in constant time (Eric Biggers) - NFSD: Define a proc_layoutcommit for the FlexFiles layout type (Chuck Lever) [Orabug: 38601819] {CVE-2025-40087} - vfs: Don't leak disconnected dentries on umount (Jan Kara) [Orabug: 38601924] {CVE-2025-40105} - jbd2: ensure that all ongoing I/O complete before freeing blocks (Zhang Yi) - ext4: detect invalid INLINE_DATA + EXTENTS flag combination (Deepanshu Kartikey) [Orabug: 38649223] {CVE-2025-40167} - drm/amdgpu: use atomicfunctions with memory barriers for vm fault info (Gui-Dong Han) - ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() (Theodore Ts'O) [Orabug: 38649412] {CVE-2025-40198} - spi: cadence-quadspi: Flush posted register writes before DAC access (Pratyush Yadav) - spi: cadence-quadspi: Flush posted register writes before INDAC access (Pratyush Yadav) - memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (Zhen Ni) - memory: samsung: exynos-srom: Correct alignment (Krzysztof Kozlowski) - arm64: errata: Apply workarounds for Neoverse-V3AE (Mark Rutland) - arm64: cputype: Add Neoverse-V3AE definitions (Mark Rutland) - comedi: fix divide-by-zero in comedi_buf_munge() (Deepanshu Kartikey) - binder: remove "invalid inc weak" check (Alice Ryhl) - xhci: dbc: enable back DbC in resume if it was enabled before suspend (Mathias Nyman) - usb/core/quirks: Add Huawei ME906S to wakeup quirk (Tim Guttzeit) - USB: serial: option: add Telit FN920C04 ECM compositions (Li Qingwu) - USB: serial: option: add Quectel RG255C (Reinhard Speyerer) - USB: serial: option: add UNISOC UIS7720 (Renjun Wang) - net: ravb: Ensure memory write completes before ringing TX doorbell (Lad Prabhakar) - net: usb: rtl8150: Fix frame padding (Michał Pecio) - ocfs2: clear extent cache after moving/defragmenting extents (Deepanshu Kartikey) [Orabug: 38730547] {CVE-2025-40233} - MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering (Maciej W. Rozycki) - Revert "cpuidle: menu: Avoid discarding useful information" (Rafael J. Wysocki) - net: bonding: fix possible peer notify event loss or dup issue (Tonghao Zhang) - sctp: avoid NULL dereference when chunk data buffer is missing (Alexey Simakov) [Orabug: 38730567] {CVE-2025-40240} - arm64, mm: avoid always making PTE dirty in pte_mkwrite() (Huang, Ying) - net: enetc: correct the value of ENETC_RXB_TRUESIZE (Wei Fang) - rtnetlink: Allow deleting FDB entries in user namespace (Johannes Wiesboeck) - net: rtnetlink: add NLM_F_BULK support to rtnl_fdb_del(Nikolay Aleksandrov) - net: add ndo_fdb_del_bulk (Nikolay Aleksandrov) - net: rtnetlink: add bulk delete support flag (Nikolay Aleksandrov) - net: netlink: add NLM_F_BULK delete request modifier (Nikolay Aleksandrov) - net: rtnetlink: use BIT for flag values (Nikolay Aleksandrov) - net: rtnetlink: add helper to extract msg type's kind (Nikolay Aleksandrov) - net: rtnetlink: add msg kind names (Nikolay Aleksandrov) - net: rtnetlink: remove redundant assignment to variable err (Colin Ian King) - m68k: bitops: Fix find_*_bit() signatures (Geert Uytterhoeven) - hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() (Yangtao Li) - hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() (Viacheslav Dubeyko) - dlm: check for defined force value in dlm_lockspace_release (Alexander Aring) - hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (Viacheslav Dubeyko) - hfs: validate record offset in hfsplus_bmap_alloc (Yang Chenzhi) - hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() (Viacheslav Dubeyko) - hfs: make proper initalization of struct hfs_find_data (Viacheslav Dubeyko) - hfs: clear offset and space out of valid records in b-tree node (Viacheslav Dubeyko) - exec: Fix incorrect type for ret (Xichao Zhao) - hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() (Viacheslav Dubeyko) - ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings (Randy Dunlap) - sched/fair: Fix pelt lost idle time detection (Vincent Guittot) - sched/balancing: Rename newidle_balance() => sched_balance_newidle() (Ingo Molnar) - sched/fair: Trivial correction of the newidle_balance() comment (Barry Song) - sched: Make newidle_balance() static again (Chen Yu) - tls: don't rely on tx_work during send() (Sabrina Dubroca) - tls: always set record_type in tls_process_cmsg (Sabrina Dubroca) - tg3: prevent use of uninitialized remote_adv and local_adv variables (Alexey Simakov) - tcp: fix tcp_tso_should_defer() vs large RTT (Eric Dumazet) - amd-xgbe: Avoid spurious link downmessages during interface toggle (Raju Rangoju) - net/ip6_tunnel: Prevent perpetual tunnel growth (Dmitry Safonov) [Orabug: 38649261] {CVE-2025-40173} - net: dlink: handle dma_map_single() failure properly (Moon Yeounsu) - net: dl2k: switch from 'pci_' to 'dma_' API (Christophe Jaillet) - media: pci: ivtv: Add missing check after DMA map (Thomas Fourier) - media: pci/ivtv: switch from 'pci_' to 'dma_' API (Christophe Jaillet) - xen/events: Update virq_to_irq on migration (Jason Andryuk) - media: lirc: Fix error handling in lirc_register() (Ma Ke) - media: rc: Directly use ida_free() (Keliu) - drm/exynos: exynos7_drm_decon: remove ctx-> suspended (Kaustabh Chakraborty) - btrfs: avoid potential out-of-bounds in btrfs_encode_fh() (Anderson Nascimento) [Orabug: 38649463] {CVE-2025-40205} - pwm: berlin: Fix wrong register in suspend/resume (Jisheng Zhang) - media: cx18: Add missing check after DMA map (Thomas Fourier) - xen/events: Cleanup find_virq() return codes (Jason Andryuk) - cramfs: Verify inode mode when loading from disk (Tetsuo Handa) - fs: Add 'initramfs_options' to set initramfs mount options (Lichen Liu) - pid: Add a judgment for ns null in pid_nr_ns (Gaoxiang17) [Orabug: 38649276] {CVE-2025-40178} - minixfs: Verify inode mode when loading from disk (Tetsuo Handa) - tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (Yuan Chen) [Orabug: 38592033] {CVE-2025-40042} - dm: fix NULL pointer dereference in __dm_suspend() (Zheng Qixing) [Orabug: 38649057] {CVE-2025-40134} - mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag (Hans de Goede) - mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type (Andy Shevchenko) - mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value (Hans de Goede) - Squashfs: reject negative file sizes in squashfs_read_inode() (Phillip Lougher) [Orabug: 38649425] {CVE-2025-40200} - Squashfs: add additional inode sanity checking (Phillip Lougher) - media: mc: Clear minor number before put device (EdwardAdam Davis) [Orabug: 38649399] {CVE-2025-40197} - mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (Bartosz Golaszewski) - fs: udf: fix OOB read in lengthAllocDescs handling (Larshin Sergey) [Orabug: 38592048] {CVE-2025-40044} - KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O (Sean Christopherson) [Orabug: 38591959] {CVE-2025-40026} - net/9p: fix double req put in p9_fd_cancelled (Nalivayko Sergey) [Orabug: 38591965] {CVE-2025-40027} - ext4: guard against EA inode refcount underflow in xattr update (Ahmet Eray Karadag) [Orabug: 38649330] {CVE-2025-40190} - ext4: correctly handle queries for metadata mappings (Ojaswin Mujoo) - ext4: increase i_disksize to offset + len in ext4_update_disksize_before_punch() (Yongjian Sun) - nfsd: nfserr_jukebox in nlm_fopen should lead to a retry (Olga Kornievskaia) - x86/umip: Fix decoding of register forms of 0F 01 (SGDT and SIDT aliases) (Sean Christopherson) - x86/umip: Check that the instruction opcode is at least two bytes (Sean Christopherson) - PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit (Siddharth Vadapalli) - PCI/AER: Fix missing uevent on recovery when a reset is requested (Niklas Schnelle) - PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV (Niklas Schnelle) [Orabug: 38730513] {CVE-2025-40219} - rseq/selftests: Use weak symbol reference, not definition, to link with glibc (Sean Christopherson) - rtc: interface: Fix long-standing race when setting alarm (Esben Haabendal) - rtc: interface: Ensure alarm irq is enabled when UIE is enabled (Esben Haabendal) - mmc: core: SPI mode remove cmd7 (Rex Chen) - mtd: rawnand: fsmc: Default to autodetect buswidth (Linus Walleij) - sparc: fix error handling in scan_one_device() (Ma Ke) - sparc64: fix hugetlb for sun4u (Anthony Yznaga) - sctp: Fix MAC comparison to be constant-time (Eric Biggers) [Orabug: 38649451] {CVE-2025-40204} - scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() (Thorsten Blum) - parisc: don't referenceobsolete termio struct for TC* constants (Sam James) - lib/genalloc: fix device leak in of_gen_pool_get() (Johan Hovold) - iio: frequency: adf4350: Fix prescaler usage. (Michael Hennerich) - iio: dac: ad5421: use int type to store negative error codes (Rong Qianfeng) - iio: dac: ad5360: use int type to store negative error codes (Rong Qianfeng) - crypto: atmel - Fix dma_unmap_sg() direction (Thomas Fourier) - cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (Rafael J. Wysocki) [Orabug: 38649367] {CVE-2025-40194} - drm/nouveau: fix bad ret code in nouveau_bo_move_prep (Shuhao Fu) - media: i2c: mt9v111: fix incorrect type for ret (Rong Qianfeng) - firmware: meson_sm: fix device leak at probe (Johan Hovold) - xen/manage: Fix suspend error path (Lukas Wunner) - arm64: dts: qcom: msm8916: Add missing MDSS reset (Stephan Gerhold) - ACPI: debug: fix signedness issues in read/write helpers (Amir Mohammad Jahangirzad) - ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (Daniel Tang) - tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single (Gunnar Kudrjavets) - tpm, tpm_tis: Claim locality before writing interrupt registers (Lino Sanfilippo) - crypto: essiv - Check ssize for decryption and in-place encryption (Herbert Xu) [Orabug: 38581456,38705546] {CVE-2025-40019} - mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes (Harini T) - mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call (Harini T) - tools build: Align warning options with perf (Leo Yan) - net: fsl_pq_mdio: Fix device node reference leak in fsl_pq_mdio_probe (Erick Karanja) - tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). (Kuniyuki Iwashima) [Orabug: 38649579] {CVE-2025-40186} - net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() (Alexandr Sapozhnikov) [Orabug: 38649313] {CVE-2025-40187} - drm/vmwgfx: Fix Use-after-free in validation (Ian Forbes) [Orabug: 38643546] {CVE-2025-40111} - net/mlx4: prevent potential use after free inmlx4_en_do_uc_filter() (Dan Carpenter) - scsi: mvsas: Fix use-after-free bugs in mvs_work_queue (Duoming Zhou) [Orabug: 38557654] {CVE-2025-40001} - scsi: mvsas: Use sas_task_find_rq() for tagging (John Garry) - scsi: mvsas: Delete mvs_tag_init() (John Garry) - scsi: libsas: Add sas_task_find_rq() (John Garry) - clk: nxp: Fix pll0 rate check condition in LPC18xx CGU driver (Alok Tiwari) - clk: nxp: lpc18xx-cgu: convert from round_rate() to determine_rate() (Brian Masney) - perf session: Fix handling when buffer exceeds 2 GiB (Leo Yan) - rtc: x1205: Fix Xicor X1205 vendor prefix (Rob Herring) - perf util: Fix compression checks returning -1 as bool (Yunseong Kim) - iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (Michael Hennerich) - clocksource/drivers/clps711x: Fix resource leaks in error paths (Zhen Ni) - pinctrl: check the return value of pinmux_ops::get_function_name() (Bartosz Golaszewski) [Orabug: 38591981] {CVE-2025-40030} - Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak (Zhen Ni) [Orabug: 38592002] {CVE-2025-40035} - mm: hugetlb: avoid soft lockup when mprotect to large memory area (Yang Shi) [Orabug: 38649150] {CVE-2025-40153} - uio_hv_generic: Let userspace take care of interrupt mask (Naman Jain) [Orabug: 38592067] {CVE-2025-40048} - Squashfs: fix uninit-value in squashfs_get_parent (Phillip Lougher) [Orabug: 38592077] {CVE-2025-40049} - net: ena: return 0 in ena_get_rxfh_key_size() when RSS hash key is not configurable (Kohei Enju) - nfp: fix RSS hash key size when RSS is not supported (Kohei Enju) - drivers/base/node: fix double free in register_one_node() (Donet Tom) - ocfs2: fix double free in user_cluster_connect() (Dan Carpenter) [Orabug: 38592110] {CVE-2025-40055} - net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (I Viswanath) [Orabug: 38649096] {CVE-2025-40140} - RDMA/siw: Always report immediate post SQ errors (Bernard Metzler) - usb: vhci-hcd: Prevent suspending virtually attached devices (Cristian Ciocaltea) - scsi: mpt3sas: Fixcrash in transport port remove by using ioc_info() (Ranjan Kumar) [Orabug: 38648982] {CVE-2025-40115} - ipvs: Defer ip_vs_ftp unregister during netns cleanup (Slavin Liu) [Orabug: 38581446] {CVE-2025-40018} - NFSv4.1: fix backchannel max_resp_sz verification check (Anthony Iliopoulos) - remoteproc: qcom: q6v5: Avoid disabling handover IRQ twice (Stephan Gerhold) - sparc: fix accurate exception reporting in copy_{from,to}_user for M7 (Michael Karcher) - sparc: fix accurate exception reporting in copy_to_user for Niagara 4 (Michael Karcher) - sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara (Michael Karcher) - sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III (Michael Karcher) - sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC (Michael Karcher) - IB/sa: Fix sa_local_svc_timeout_ms read race (Vlad Dumitrescu) - RDMA/core: Resolve MAC of next-hop device without ARP support (Parav Pandit) - wifi: mt76: fix potential memory leak in mt76_wmac_probe() (Abdun Nihaal) - drivers/base/node: handle error properly in register_one_node() (Donet Tom) - watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog (Christophe Leroy) - netfilter: ipset: Remove unused htable_bits in macro ahash_region (Zhen Ni) - iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (Hans de Goede) - ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (Takashi Iwai) - ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (Takashi Iwai) - ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (Takashi Iwai) - pps: fix warning in pps_register_cdev when register device fail (Wang Liang) [Orabug: 38592170] {CVE-2025-40070} - misc: genwqe: Fix incorrect cmd field being reported in error (Colin Ian King) - usb: gadget: configfs: Correctly set use_os_string at bind (William Wu) - usb: phy: twl6030: Fix incorrect type for ret (Xichao Zhao) - tcp: fix __tcp_close() to only send RST when required (Eric Dumazet) - PCI: tegra:Fix devm_kcalloc() argument order for port-> phys allocation (Alok Tiwari) - wifi: mwifiex: send world regulatory domain to driver (Stefan Kerkmann) - ALSA: lx_core: use int type to store negative error codes (Rong Qianfeng) - media: rj54n1cb0c: Fix memleak in rj54n1_probe() (Zhang Shurong) - scsi: myrs: Fix dma_alloc_coherent() error check (Thomas Fourier) - scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod (Niklas Cassel) [Orabug: 38649567] {CVE-2025-40118} - serial: max310x: Add error checking in probe() (Dan Carpenter) - usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (Dan Carpenter) - drm/radeon/r600_cs: clean up of dead code in r600_cs (Brahmajit Das) - i2c: designware: Add disabling clocks when probe fails (Kunihiko Hayashi) - i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (Leilk Liu) - bpf: Explicitly check accesses to bpf_sock_addr (Paul Chaignon) [Orabug: 38592205] {CVE-2025-40078} - selftests: watchdog: skip ping loop if WDIOF_KEEPALIVEPING not supported (Akhilesh Patil) - pwm: tiehrpwm: Fix corner case in clock divisor calculation (Uwe Kleine-König) - block: use int to store blk_stack_limits() return value (Rong Qianfeng) - blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx (Li Nan) [Orabug: 38649026] {CVE-2025-40125} - pinctrl: meson-gxl: add missing i2c_d pinmux (Da Xue) - soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (Sneh Mankad) - ACPI: processor: idle: Fix memory leak when register cpuidle device failed (Huisong Li) - regmap: Remove superfluous check for !config in __regmap_init() (Geert Uytterhoeven) - x86/vdso: Fix output operand size of RDPID (Uros Bizjak) - perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (Leo Yan) [Orabug: 38592223] {CVE-2025-40081} - driver core/PM: Set power.no_callbacks along with power.no_pm (Rafael J. Wysocki) - staging: axis-fifo: flush RX FIFO on read errors (Ovidiu Panait) - staging: axis-fifo: fix maximum TX packet length check (Ovidiu Panait) - perf subcmd: avoid crash inexclude_cmds when excludes is empty (Hupu) - dm-integrity: limit MAX_TAG_SIZE to 255 (Mikulas Patocka) - wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188 (Bitterblue Smith) - USB: serial: option: add SIMCom 8230C compositions (Xiaowei Li) - media: rc: fix races with imon_disconnect() (Larshin Sergey) [Orabug: 38548027] {CVE-2025-39993} - media: imon: grab lock earlier in imon_ir_change_protocol() (Tetsuo Handa) - media: imon: reorganize serialization (Tetsuo Handa) - media: rc: Add support for another iMON 0xffdc device (Flavius Georgescu) - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe (Duoming Zhou) [Orabug: 38548044] {CVE-2025-39995} - media: tuner: xc5000: Fix use-after-free in xc5000_release (Duoming Zhou) [Orabug: 38548037] {CVE-2025-39994} - media: tunner: xc5000: Refactor firmware load (Ricardo Ribalda) - udp: Fix memory accounting leak. (Kuniyuki Iwashima) [Orabug: 37844325] {CVE-2025-22058} - media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (Duoming Zhou) [Orabug: 38548051] {CVE-2025-39996} - scsi: target: target_core_configfs: Add length check to avoid buffer overflow (Wang Haoran) [Orabug: 38548059] {CVE-2025-39998} - LTS tag: v5.4.300 (Alok Tiwari) - KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (Maciej S. Szmigiero) - mm/hugetlb: fix folio is still mapped when deleted (Tu Jinjiang) [Orabug: 38560482] {CVE-2025-40006} - i40e: add mask to apply valid bits for itr_idx (Lukasz Czapnik) - i40e: fix validation of VF state in get resources (Lukasz Czapnik) [Orabug: 38547929] {CVE-2025-39969} - i40e: fix idx validation in config queues msg (Lukasz Czapnik) [Orabug: 38547938] {CVE-2025-39971} - i40e: add validation for ring_len param (Lukasz Czapnik) [Orabug: 38547952,38604168,38604171] {CVE-2025-39973} - i40e: increase max descriptors for XL710 (Justin Bronder) - mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() (David Hildenbrand) - fbcon: Fix OOB access in font allocation (ThomasZimmermann) - fbcon: fix integer overflow in fbcon_do_set_font (Samasth Norway Ananda) [Orabug: 38547913] {CVE-2025-39967} - i40e: add max boundary check for VF filters (Lukasz Czapnik) [Orabug: 38547923] {CVE-2025-39968} - i40e: fix input validation logic for action_meta (Lukasz Czapnik) [Orabug: 38547933] {CVE-2025-39970} - i40e: fix idx validation in i40e_validate_queue_map (Lukasz Czapnik) [Orabug: 38547946] {CVE-2025-39972} - drm/gma500: Fix null dereference in hdmi teardown (Zabelin Nikita) [Orabug: 38560496] {CVE-2025-40011} - can: peak_usb: fix shift-out-of-bounds issue (Stephane Grosjean) [Orabug: 38581463] {CVE-2025-40020} - can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (Vincent Mailhol) - can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (Vincent Mailhol) - can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (Vincent Mailhol) - can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (Geert Uytterhoeven) - IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (Or Har-Toov) - usb: core: Add 0x prefix to quirks debug output (Jiayi Li) - ALSA: usb-audio: Fix build with CONFIG_INPUT=n (Takashi Iwai) - ALSA: usb-audio: Convert comma to semicolon (Chen Ni) - ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (Cristian Ciocaltea) - ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (Cristian Ciocaltea) - ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (Cristian Ciocaltea) - ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (Cristian Ciocaltea) - ALSA: usb-audio: Fix block comments in mixer_quirks (Cristian Ciocaltea) - net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (Hans de Goede) - net: rfkill: gpio: add DT support (Philipp Zabel) - serial: sc16is7xx: fix bug in flow control levels init (Hugo Villeneuve) - USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (Alan Stern) - usb: gadget: dummy_hcd: remove usage of list iterator past the loop body (Jakob Koschel) - ASoC: SOF: Intel:hda-stream: Fix incorrect variable used in error message (Colin Ian King) - ASoC: wm8974: Correct PLL rate rounding (Charles Keepax) - ASoC: wm8940: Correct typo in control name (Charles Keepax) - mmc: mvsdio: Fix dma_unmap_sg() nents value (Thomas Fourier) - nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (Nathan Chancellor) - cnic: Fix use-after-free bugs in cnic_delete_task (Duoming Zhou) [Orabug: 38503849] {CVE-2025-39945} - net: liquidio: fix overflow in octeon_init_instr_queue() (Alexey Nepomnyashih) - tcp: Clear tcp_sk(sk)-> fastopen_rsk in tcp_disconnect(). (Kuniyuki Iwashima) [Orabug: 38526388] {CVE-2025-39955} - i40e: remove redundant memory barrier when cleaning Tx descs (Maciej Fijalkowski) - net: natsemi: fix rx_dropped double accounting on netif_rx() failure (Moon Yeounsu) - cgroup: split cgroup_destroy_wq into 3 workqueues (Chen Ridong) [Orabug: 38503892] {CVE-2025-39953} - pcmcia: omap_cf: Mark driver struct with __refdata to prevent section mismatch (Geert Uytterhoeven) - wifi: mac80211: fix incorrect type for ret (Liao Yuanhong) - ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (Takashi Sakamoto) - mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory (Miaohe Lin) [Orabug: 38461848] {CVE-2025-39883} - phy: ti-pipe3: fix device leak at unbind (Johan Hovold) - dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (Stephan Gerhold) [Orabug: 38494822] {CVE-2025-39923} - dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (Anders Roxell) - can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (Tetsuo Handa) - can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (Tetsuo Handa) - i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (Michal Schmidt) [Orabug: 38494787] {CVE-2025-39911} - i40e: Use irq_update_affinity_hint() (Nitesh Narayan Lal) - genirq: Provide new interfaces for affinity hints (ThomasGleixner) - genirq: Export affinity setter for modules (Thomas Gleixner) - genirq/affinity: Add irq_update_affinity_desc() (John Garry) - igb: fix link test skipping when interface is admin down (Kohei Enju) - net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (Stefan Wahren) - USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (Fabio Porcedda) - USB: serial: option: add Telit Cinterion FN990A w/audio compositions (Fabio Porcedda) - tty: hvc_console: Call hvc_kick in hvc_write unconditionally (Fabian Vogt) - mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (Alexander Sverdlin) - mtd: nand: raw: atmel: Fix comment in timings preparation (Alexander Dahl) - mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (Christophe Kerello) - mm/khugepaged: fix the address passed to notifier on testing young (Wei Yang) - fuse: prevent overflow in copy_file_range return value (Miklos Szeredi) - fuse: check if copy_file_range() returns larger than requested size (Miklos Szeredi) - mtd: rawnand: stm32_fmc2: fix ECC overwrite (Christophe Kerello) - ocfs2: fix recursive semaphore deadlock in fiemap call (Mark Tinguely) [Orabug: 38461859] {CVE-2025-39885} - EDAC/altera: Delete an inappropriate dma_free_coherent() call (Salah Triki) - tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock-> cork. (Kuniyuki Iwashima) [Orabug: 38494797] {CVE-2025-39913} - net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod. (Kuniyuki Iwashima) [Orabug: 37901604] {CVE-2025-23143} _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux patch fixes important kernel security issues to prevent potential exploits that could affect system stability.. Oracle Linux Important Kernel Security Patch, Kernel Memory Leak Fix, Unix Security, System Vulnerability Patching. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Feb 09, 2026 Important Oracle
100

SUSE 15 SP7: Linux Kernel Important Security Fixes 2025:02333-1

* bsc#1012628 * bsc#1210025 * bsc#1211226 * bsc#1215199 * bsc#1218184 . # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:02333-1 Release Date: 2025-07-16T12:53:20Z Rating: important References: * bsc#1012628 * bsc#1210025 * bsc#1211226 * bsc#1215199 * bsc#1218184 * bsc#1220112 * bsc#1223008 * bsc#1226498 * bsc#1228478 * bsc#1228557 * bsc#1228854 * bsc#1229491 * bsc#1230337 * bsc#1231913 * bsc#1232504 * bsc#1232882 * bsc#1233482 * bsc#1235064 * bsc#1235490 * bsc#1235728 * bsc#1235968 * bsc#1236208 * bsc#1237200 * bsc#1237312 * bsc#1237887 * bsc#1237895 * bsc#1237905 * bsc#1237910 * bsc#1237913 * bsc#1238212 * bsc#1238478 * bsc#1238495 * bsc#1238508 * bsc#1238741 * bsc#1238859 * bsc#1238965 * bsc#1238982 * bsc#1238995 * bsc#1239063 * bsc#1239090 * bsc#1239485 * bsc#1239925 * bsc#1240170 * bsc#1240180 * bsc#1240577 * bsc#1240579 * bsc#1240589 * bsc#1240610 * bsc#1240650 * bsc#1240686 * bsc#1240696 * bsc#1240702 * bsc#1240710 * bsc#1240723 * bsc#1240798 * bsc#1240814 * bsc#1240823 * bsc#1240866 * bsc#1240998 * bsc#1241166 * bsc#1241191 * bsc#1241278 * bsc#1241298 * bsc#1241340 * bsc#1241388 * bsc#1241414 * bsc#1241457 * bsc#1241492 * bsc#1241519 * bsc#1241538 * bsc#1241544 * bsc#1241572 * bsc#1241576 * bsc#1241590 * bsc#1241592 * bsc#1241595 * bsc#1241617 * bsc#1241625 * bsc#1241635 * bsc#1241644 * bsc#1241654 * bsc#1241689 * bsc#1242035 * bsc#1242044 * bsc#1242086 * bsc#1242163 * bsc#1242343 * bsc#1242414 * bsc#1242501 * bsc#1242504 * bsc#1242508 * bsc#1242512 * bsc#1242514 * bsc#1242515 * bsc#1242520 * bsc#1242521 * bsc#1242524 * bsc#1242529 * bsc#1242530 * bsc#1242531 * bsc#1242532 * bsc#1242556 * bsc#1242559 * bsc#1242563 * bsc#1242564 * bsc#1242565 * bsc#1242566 * bsc#1242567 * bsc#1242568 * bsc#1242569 * bsc#1242573 * bsc#1242574 * bsc#1242575 *bsc#1242577 * bsc#1242578 * bsc#1242584 * bsc#1242587 * bsc#1242591 * bsc#1242709 * bsc#1242724 * bsc#1242725 * bsc#1242727 * bsc#1242729 * bsc#1242758 * bsc#1242760 * bsc#1242761 * bsc#1242764 * bsc#1242766 * bsc#1242770 * bsc#1242781 * bsc#1242782 * bsc#1242785 * bsc#1242792 * bsc#1242834 * bsc#1242846 * bsc#1242849 * bsc#1242850 * bsc#1242863 * bsc#1242865 * bsc#1242871 * bsc#1242873 * bsc#1242906 * bsc#1242907 * bsc#1242908 * bsc#1242909 * bsc#1242930 * bsc#1242940 * bsc#1242943 * bsc#1242945 * bsc#1242946 * bsc#1242947 * bsc#1242948 * bsc#1242949 * bsc#1242952 * bsc#1242953 * bsc#1242954 * bsc#1242955 * bsc#1242957 * bsc#1242959 * bsc#1242961 * bsc#1242964 * bsc#1242966 * bsc#1242967 * bsc#1242973 * bsc#1242974 * bsc#1242977 * bsc#1242982 * bsc#1242990 * bsc#1243000 * bsc#1243006 * bsc#1243011 * bsc#1243015 * bsc#1243049 * bsc#1243051 * bsc#1243055 * bsc#1243060 * bsc#1243074 * bsc#1243076 * bsc#1243082 * bsc#1243330 * bsc#1243342 * bsc#1243456 * bsc#1243467 * bsc#1243469 * bsc#1243470 * bsc#1243471 * bsc#1243472 * bsc#1243473 * bsc#1243475 * bsc#1243476 * bsc#1243480 * bsc#1243506 * bsc#1243509 * bsc#1243511 * bsc#1243514 * bsc#1243515 * bsc#1243516 * bsc#1243517 * bsc#1243522 * bsc#1243523 * bsc#1243524 * bsc#1243528 * bsc#1243529 * bsc#1243530 * bsc#1243534 * bsc#1243536 * bsc#1243537 * bsc#1243538 * bsc#1243540 * bsc#1243542 * bsc#1243543 * bsc#1243544 * bsc#1243545 * bsc#1243548 * bsc#1243551 * bsc#1243559 * bsc#1243560 * bsc#1243562 * bsc#1243567 * bsc#1243571 * bsc#1243572 * bsc#1243573 * bsc#1243574 * bsc#1243575 * bsc#1243589 * bsc#1243620 * bsc#1243621 * bsc#1243624 * bsc#1243625 * bsc#1243626 * bsc#1243627 * bsc#1243628 * bsc#1243649 * bsc#1243659 * bsc#1243660 * bsc#1243664 * bsc#1243698 * bsc#1243774 * bsc#1243782 * bsc#1243823 * bsc#1243827 *bsc#1243832 * bsc#1243836 * bsc#1243847 * bsc#1244100 * bsc#1244145 * bsc#1244172 * bsc#1244174 * bsc#1244176 * bsc#1244229 * bsc#1244234 * bsc#1244241 * bsc#1244261 * bsc#1244274 * bsc#1244275 * bsc#1244277 * bsc#1244309 * bsc#1244313 * bsc#1244337 * bsc#1244626 * bsc#1244725 * bsc#1244727 * bsc#1244729 * bsc#1244731 * bsc#1244732 * bsc#1244736 * bsc#1244737 * bsc#1244738 * bsc#1244739 * bsc#1244743 * bsc#1244746 * bsc#1244747 * bsc#1244759 * bsc#1244789 * bsc#1244862 * bsc#1244906 * bsc#1244938 * bsc#1244995 * bsc#1244996 * bsc#1244999 * bsc#1245001 * bsc#1245003 * bsc#1245004 * bsc#1245025 * bsc#1245042 * bsc#1245046 * bsc#1245078 * bsc#1245081 * bsc#1245082 * bsc#1245083 * bsc#1245101 * bsc#1245155 * bsc#1245183 * bsc#1245193 * bsc#1245210 * bsc#1245217 * bsc#1245225 * bsc#1245226 * bsc#1245228 * bsc#1245431 * bsc#1245455 * jsc#PED-12551 * jsc#PED-13019 * jsc#PED-13094 Cross-References: * CVE-2023-52888 * CVE-2023-53146 * CVE-2024-26762 * CVE-2024-26831 * CVE-2024-41085 * CVE-2024-43869 * CVE-2024-49568 * CVE-2024-50034 * CVE-2024-50106 * CVE-2024-50293 * CVE-2024-56541 * CVE-2024-56613 * CVE-2024-56699 * CVE-2024-57982 * CVE-2024-57987 * CVE-2024-57988 * CVE-2024-57995 * CVE-2024-58004 * CVE-2024-58015 * CVE-2024-58053 * CVE-2024-58062 * CVE-2024-58077 * CVE-2024-58098 * CVE-2024-58099 * CVE-2024-58100 * CVE-2024-58237 * CVE-2025-21629 * CVE-2025-21658 * CVE-2025-21713 * CVE-2025-21720 * CVE-2025-21770 * CVE-2025-21805 * CVE-2025-21824 * CVE-2025-21842 * CVE-2025-21849 * CVE-2025-21868 * CVE-2025-21880 * CVE-2025-21898 * CVE-2025-21899 * CVE-2025-21901 * CVE-2025-21911 * CVE-2025-21920 * CVE-2025-21938 * CVE-2025-21939 * CVE-2025-21940 * CVE-2025-21959 * CVE-2025-21987 * CVE-2025-21997 * CVE-2025-22005 * CVE-2025-22023 * CVE-2025-22035 * CVE-2025-22066 * CVE-2025-22083 *CVE-2025-22089 * CVE-2025-22095 * CVE-2025-22111 * CVE-2025-22113 * CVE-2025-22119 * CVE-2025-22120 * CVE-2025-22124 * CVE-2025-23141 * CVE-2025-23142 * CVE-2025-23144 * CVE-2025-23146 * CVE-2025-23147 * CVE-2025-23148 * CVE-2025-23149 * CVE-2025-23151 * CVE-2025-23155 * CVE-2025-23156 * CVE-2025-23157 * CVE-2025-23158 * CVE-2025-23159 * CVE-2025-23161 * CVE-2025-23162 * CVE-2025-37738 * CVE-2025-37740 * CVE-2025-37741 * CVE-2025-37742 * CVE-2025-37743 * CVE-2025-37747 * CVE-2025-37752 * CVE-2025-37754 * CVE-2025-37756 * CVE-2025-37757 * CVE-2025-37758 * CVE-2025-37761 * CVE-2025-37763 * CVE-2025-37764 * CVE-2025-37765 * CVE-2025-37766 * CVE-2025-37767 * CVE-2025-37768 * CVE-2025-37769 * CVE-2025-37770 * CVE-2025-37771 * CVE-2025-37772 * CVE-2025-37781 * CVE-2025-37782 * CVE-2025-37786 * CVE-2025-37788 * CVE-2025-37791 * CVE-2025-37792 * CVE-2025-37793 * CVE-2025-37794 * CVE-2025-37796 * CVE-2025-37798 * CVE-2025-37800 * CVE-2025-37801 * CVE-2025-37805 * CVE-2025-37810 * CVE-2025-37811 * CVE-2025-37812 * CVE-2025-37813 * CVE-2025-37814 * CVE-2025-37815 * CVE-2025-37816 * CVE-2025-37819 * CVE-2025-37836 * CVE-2025-37837 * CVE-2025-37839 * CVE-2025-37840 * CVE-2025-37841 * CVE-2025-37844 * CVE-2025-37847 * CVE-2025-37848 * CVE-2025-37849 * CVE-2025-37850 * CVE-2025-37851 * CVE-2025-37852 * CVE-2025-37853 * CVE-2025-37854 * CVE-2025-37858 * CVE-2025-37859 * CVE-2025-37861 * CVE-2025-37862 * CVE-2025-37865 * CVE-2025-37867 * CVE-2025-37868 * CVE-2025-37869 * CVE-2025-37871 * CVE-2025-37873 * CVE-2025-37874 * CVE-2025-37875 * CVE-2025-37881 * CVE-2025-37884 * CVE-2025-37888 * CVE-2025-37889 * CVE-2025-37890 * CVE-2025-37891 * CVE-2025-37892 * CVE-2025-37897 * CVE-2025-37900 * CVE-2025-37901 * CVE-2025-37903 * CVE-2025-37905 * CVE-2025-37909 * CVE-2025-37911 * CVE-2025-37912 * CVE-2025-37913 *CVE-2025-37914 * CVE-2025-37915 * CVE-2025-37917 * CVE-2025-37918 * CVE-2025-37921 * CVE-2025-37923 * CVE-2025-37925 * CVE-2025-37927 * CVE-2025-37928 * CVE-2025-37929 * CVE-2025-37930 * CVE-2025-37931 * CVE-2025-37932 * CVE-2025-37933 * CVE-2025-37934 * CVE-2025-37936 * CVE-2025-37937 * CVE-2025-37938 * CVE-2025-37943 * CVE-2025-37944 * CVE-2025-37945 * CVE-2025-37946 * CVE-2025-37948 * CVE-2025-37951 * CVE-2025-37953 * CVE-2025-37954 * CVE-2025-37959 * CVE-2025-37961 * CVE-2025-37963 * CVE-2025-37965 * CVE-2025-37967 * CVE-2025-37968 * CVE-2025-37969 * CVE-2025-37970 * CVE-2025-37972 * CVE-2025-37973 * CVE-2025-37978 * CVE-2025-37979 * CVE-2025-37980 * CVE-2025-37981 * CVE-2025-37982 * CVE-2025-37983 * CVE-2025-37985 * CVE-2025-37986 * CVE-2025-37987 * CVE-2025-37989 * CVE-2025-37990 * CVE-2025-37992 * CVE-2025-37994 * CVE-2025-37995 * CVE-2025-37997 * CVE-2025-37998 * CVE-2025-38000 * CVE-2025-38001 * CVE-2025-38003 * CVE-2025-38004 * CVE-2025-38005 * CVE-2025-38007 * CVE-2025-38009 * CVE-2025-38010 * CVE-2025-38011 * CVE-2025-38013 * CVE-2025-38014 * CVE-2025-38015 * CVE-2025-38018 * CVE-2025-38020 * CVE-2025-38022 * CVE-2025-38023 * CVE-2025-38024 * CVE-2025-38027 * CVE-2025-38031 * CVE-2025-38040 * CVE-2025-38043 * CVE-2025-38044 * CVE-2025-38045 * CVE-2025-38053 * CVE-2025-38055 * CVE-2025-38057 * CVE-2025-38059 * CVE-2025-38060 * CVE-2025-38065 * CVE-2025-38068 * CVE-2025-38072 * CVE-2025-38077 * CVE-2025-38078 * CVE-2025-38079 * CVE-2025-38080 * CVE-2025-38081 * CVE-2025-38083 * CVE-2025-38104 * CVE-2025-38240 * CVE-2025-39735 * CVE-2025-40014 CVSS scores: * CVE-2023-52888 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52888 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-53146 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-53146 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26762 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26762 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26831 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26831 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41085 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49568 ( SUSE ): 5.9 CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49568 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-50034 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50034 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50106 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50106 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50293 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50293 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56541 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56541 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56541 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56541 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56613 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56613 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56613 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56699 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56699 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-57982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57982 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-57987 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58004 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58053 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58062 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58062 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58077 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58099 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-58099 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58100 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-58237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21629 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21629 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21658 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21658 ( NVD ): 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21713 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21713 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21770 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21824 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21824 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21880 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21898 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21898 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21899 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21901 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21911 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21920 (SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21920 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21938 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21939 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21940 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21940 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21940 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21959 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21959 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21987 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21987 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21997 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21997 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22005 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22005 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22005 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22023 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22023 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22035 ( SUSE ): 6.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-22035 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22066 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22066 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22066 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22083 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22089 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22089 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-22095 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22111 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22111 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22113 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22113 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22119 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-22119 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-22120 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22124 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23141 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23141 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23142 ( SUSE ): 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23146 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23146 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23149 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23155 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23156 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23158 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23161 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23161 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-23162 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-23162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37738 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37740 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37741 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37742 ( SUSE ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2025-37743 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37743 ( SUSE ): 3.3CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37747 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37757 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37761 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37764 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37765 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37766 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37769 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37771 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37781 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37782 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-37786 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37788 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37791 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37792 ( SUSE ): 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37793 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37794 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37796 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37800 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37800 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37800 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37801 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37801 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37801 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37805 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37805 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37810 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37810 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37811 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37812 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37812 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37813 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37813 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37814 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37815 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37819 ( SUSE ): 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37836 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37837 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37839 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37839 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37841 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37844 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37847 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37848 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37849 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2025-37850 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37851 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-37851 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37852 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37852 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37853 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37854 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37854 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37858 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37858 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37859 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37859 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37861 (SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37861 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37862 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37867 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37873 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37874 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37875 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37881 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37884 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37884 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37888 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37890 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37891 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-37892 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37897 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37897 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37900 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37900 ( SUSE ): 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37901 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37903 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-37903 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-37905 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37905 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37909 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37909 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37911 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-37911 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2025-37912 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37912 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37913 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-37913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-37914 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-37914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-37915 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-37915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-37917 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37917 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37918 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37918 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H *CVE-2025-37921 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-37921 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2025-37923 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-37923 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2025-37925 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N * CVE-2025-37925 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37927 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-37927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2025-37928 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37928 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37929 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37929 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-37930 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-37930 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2025-37931 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-37931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-37932 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-37932 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2025-37933 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37933 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37937 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37943 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37944 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37948 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-37951 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37954 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37954 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-37959 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37961 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37963 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37963 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37965 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37965 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37968 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37978 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37979 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37980 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37983 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37983 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37985 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37986 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37987 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37989 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37992 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37994 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37994 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-37995 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37997 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-37997 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-37998 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37998 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38000 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38000 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38001 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38001 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38003 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38003 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38004 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38004 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-38005 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38005 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38007 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38009 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38009 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38010 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38010 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38011 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38013 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38013 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38014 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38014 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38015 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38018 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38020 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38020 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H *CVE-2025-38022 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38022 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38023 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38023 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38024 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38027 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38027 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38031 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38031 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38040 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38040 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38043 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-38043 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2025-38044 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-38044 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2025-38045 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38045 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38053 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38057 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38057 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38059 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38059 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38060 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38060 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38065 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38065 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38068 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38068 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38072 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38072 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38077 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38078 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38078 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38080 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38081 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38081 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38240 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N *CVE-2025-38240 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39735 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39735 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39735 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-40014 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-40014 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-40014 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Real Time Module 15-SP7 An update that solves 253 vulnerabilities, contains three features and has 48 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557). * CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728). * CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913). * CVE-2024-57995: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() (bsc#1237895). * CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982). * CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859). * CVE-2025-21868: kABI workaround for adding an header (bsc#1240180). * CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610). * CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577). * CVE-2025-21920: vlan: enforce underlyingdevice type (bsc#1240686). * CVE-2025-21938: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr (bsc#1240723). * CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814). * CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823). * CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544). * CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572). * CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617). * CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573). * CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846). * CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163). * CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504). * CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515). * CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521). * CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725). * CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849). * CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850). * CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907). * CVE-2025-37837: iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent() (bsc#1242952). * CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946). * CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051). * CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982). * CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954). * CVE-2025-37874: net: ngbe:fix memory leak in ngbe_probe() error path (bsc#1242940). * CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060). * CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467). * CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475). * CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480). * CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551). * CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620). * CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628). * CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value (bsc#1243537). * CVE-2025-37938: tracing: Verify event formats that have "%*p.." (bsc#1243544). * CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538). * CVE-2025-37954: smb: client: Avoid race in open_cached_dir with lease breaks (bsc#1243664). * CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523). * CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572). * CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571). * CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542). * CVE-2025-37992: net_sched: Flush gso_skb list too during -> change() (bsc#1243698). * CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827). * CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832). * CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836). * CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277). *CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234). * CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729). * CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999). * CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746). * CVE-2025-38055: perf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq (bsc#1244747). * CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862). * CVE-2025-38060: bpf: abort verification if env-> cur_state-> loop_entry != NULL (bsc#1245155). * CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743). The following non-security bugs were fixed: * ACPI: Add missing prototype for non CONFIG_SUSPEND/CONFIG_X86 case (stable- fixes). * ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes). * ACPI: HED: Always initialize before evged (stable-fixes). * ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions" (git-fixes). * ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes). * ACPI: battery: negate current when discharging (stable-fixes). * ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes). * ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes). * ACPICA: Utilities: Fix spelling mistake "Incremement" -> "Increment" (git- fixes). * ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes). * ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes). * ACPICA: fix acpi parse and parseext cache leaks (stable-fixes). * ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes). * ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes). * ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes). * ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes). * ALSA: hda/realtek: Enable PC beeppassthrough for HP EliteBook 855 G7 (stable-fixes). * ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes). * ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes). * ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable- fixes). * ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes). * ALSA: seq: Improve data consistency at polling (stable-fixes). * ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes). * ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes). * ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable- fixes). * ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes). * ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes). * ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes). * ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git- fixes). * ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes). * ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes). * ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes). * ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes). * ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes). * ALSA: usb-audio: Skip setting clock selector for single connections (stable- fixes). * ALSA: usb-audio: Support multiple control interfaces (stable-fixes). * ALSA: usb-audio: Support read-only clock selector control (stable-fixes). * ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes). * ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes). * ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes). * ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes). *ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable- fixes). * ASoC: SOF: Intel: hda-bus: Use PIO mode on ACE2+ platforms (git-fixes). * ASoC: SOF: ipc4-pcm: Adjust pipeline_list-> pipelines allocation type (git- fixes). * ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes). * ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes). * ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes). * ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes). * ASoC: cs42l43: Disable headphone clamps during type detection (stable- fixes). * ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes). * ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes). * ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes). * ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes). * ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY() (git-fixes). * ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes). * ASoC: ops: Enforce platform maximum on initial value (stable-fixes). * ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git- fixes). * ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes). * ASoC: rt722-sdca: Add some missing readable registers (stable-fixes). * ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable- fixes). * ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes). * ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes). * ASoC: tas2764: Enable main IRQs (git-fixes). * ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes). * ASoC: tas2764: Power up/down amp on mute ops (stable-fixes). * ASoC: tas2764: Reinit cache on part reset (git-fixes). * ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes). * ASoC:tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes). * ASoC: ti: omap-hdmi: Re-add dai_link-> platform to fix card init (git-fixes). * Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes). * Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git- fixes). * Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes). * Bluetooth: MGMT: Fix sparse errors (git-fixes). * Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes). * Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git- fixes). * Bluetooth: Remove pending ACL connection attempts (stable-fixes). * Bluetooth: btintel: Check dsbr size from EFI variable (git-fixes). * Bluetooth: btintel_pcie: Fix driver not posting maximum rx buffers (git- fixes). * Bluetooth: btintel_pcie: Increase the tx and rx descriptor count (git- fixes). * Bluetooth: btintel_pcie: Reduce driver buffer posting to prevent race condition (git-fixes). * Bluetooth: eir: Fix possible crashes on eir_create_adv_data (git-fixes). * Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git- fixes). * Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes). * Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes). * Bluetooth: hci_event: Fix not using key encryption size when its known (git- fixes). * Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes). * Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes). * Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes). * Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git- fixes). * Documentation/rtla: Fix duplicate text about timerlat tracer (git-fixes). * Documentation/rtla: Fix typo in common_timerlat_description.rst (git-fixes). * Documentation/rtla: Fix typo in rtla-timerlat.rst (git-fixes). * Documentation: ACPI: Use all-string data node references(git-fixes). * Documentation: fix typo in root= kernel parameter description (git-fixes). * Enable livepatching related packages on -RT (jsc#PED-1706) * HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes). * HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes). * HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes). * HID: wacom: fix kobject reference count leak (git-fixes). * HID: wacom: fix memory leak on kobject creation failure (git-fixes). * HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes). * IB/cm: Drop lockdep assert and WARN when freeing old msg (git-fixes) * Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes). * Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes). * Input: sparcspkr - avoid unannotated fall-through (stable-fixes). * Input: xpad - add more controllers (stable-fixes). * KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199). * KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225). * Merge branch 'SLE15-SP7' (8ab7501d9efd) into 'SLE15-SP7-RT' * MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241) Fixes: 0999112774fc ("MyBS: Use buildflags to set which package to build") * MyBS: Do not build kernel-obs-qa with limit_packages Fixes: 58e3f8c34b2b ("bs-upload-kernel: Pass limit_packages also on multibuild") * MyBS: Simplify qa_expr generation Start with a 0 which makes the expression valid even if there are no QA repositories (currently does not happen). Then separator is always needed. * NFC: nci: uart: Set tty-> disc_data only in success path (git-fixes). * NFS: Do not allow waiting for exiting tasks (git-fixes). * NFSD: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes). * NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes). * NFSv4:Treat ENETUNREACH errors as fatal for state recovery (git-fixes). * PCI/DPC: Initialize aer_err_info before using it (git-fixes). * PCI/DPC: Log Error Source ID only when valid (git-fixes). * PCI/DPC: Use defines with DPC reason fields (git-fixes). * PCI/MSI: Size device MSI domain with the maximum number of vectors (git- fixes). * PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes). * PCI: Add ACS quirk for Loongson PCIe (stable-fixes). * PCI: Explicitly put devices into D0 when initializing (git-fixes). * PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes). * PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes). * PCI: apple: Set only available ports up (git-fixes). * PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes). * PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes). * PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes). * PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes). * PCI: cadence: Fix runtime atomic count underflow (git-fixes). * PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes). * PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes). * PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes). * PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable- fixes). * PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git- fixes). * PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes). * PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable- fixes). * PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git- fixes). * PM: sleep: Print PM debug messages during hibernation (git-fixes). * PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes). * RDMA/core: Fix best page size finding when it can cross SG entries (git- fixes) * RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes) * Remove compress-vmlinux.sh /usr/lib/rpm/brp-suse.d/brp-99-compress-vmlinux was added in pesign-obs-integration during SLE12 RC. This workaround can be removed. * Remove host-memcpy-hack.h This might have been usefult at some point but we have more things that depend on specific library versions today. * Remove try-disable-staging-driver The config for linux-next is autogenerated from master config, and defaults filled for missing options. This is unlikely to enable any staging driver in the first place. * Revert "ALSA: usb-audio: Skip setting clock selector for single connections" (stable-fixes). * Revert "arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes) * Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first" (stable-fixes). * Revert "drm/amdgpu: do not allow userspace to create a doorbell BO" (stable- fixes). * Revert "ipv6: save dontfrag in cork (git-fixes)." * Revert "kABI: ipv6: save dontfrag in cork (git-fixes)." * Revert "wifi: mt76: mt7996: fill txd by host driver" (stable-fixes). * Revert "wifi: mwifiex: Fix HT40 bandwidth issue." (git-fixes). * SUNRPC: Do not allow waiting for exiting tasks (git-fixes). * SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes). * SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git- fixes). * SUNRPC: rpcbind should never reset the port to the value '0' (git-fixes). * USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable- fixes). * VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes). * accel/ivpu: Improve buffer object logging (git-fixes). * accel/ivpu: Use dma_resv_lock() instead of a custom mutex (git-fixes). * accel/qaic: Mask out SR-IOV PCI resources (stable-fixes). * acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git- fixes). * add bug reference toexisting hv_storvsc change (bsc#1245455). * arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes) * ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes). * ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes). * ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes). * backlight: pm8941: Add NULL check in wled_configure() (git-fixes). * bnxt: properly flush XDP redirect lists (git-fixes). * bpf: Force uprobe bpf program to always return 0 (git-fixes). * bs-upload-kernel: Pass limit_packages also on multibuild Fixes: 0999112774fc ("MyBS: Use buildflags to set which package to build") Fixes: 747f601d4156 ("bs-upload-kernel, MyBS, Buildresults: Support multibuild (JSC-SLE#5501, boo#1211226, bsc#1218184)") * btrfs: fix fsync of files with no hard links not persisting deletion (git- fixes). * btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes). * btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes). * btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes). * btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes). * btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes). * bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git- fixes). * bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes). * bus: fsl-mc: fix double-free on mc_dev (git-fixes). * bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes). * bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes). * calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes). * can: c_can: Use of_property_present() to test existence of DT property (stable-fixes). * can: tcan4x5x: fix power regulator retrieval during probe (git-fixes). * ceph: Fix incorrect flush end positioncalculation (git-fixes). * ceph: allocate sparse_ext map only for sparse reads (git-fixes). * ceph: fix memory leaks in __ceph_sync_read() (git-fixes). * cgroup/cpuset: Do not allow creation of local partition over a remote one (bsc#1241166). * cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166). * cifs: change tcon status when need_reconnect is set on it (git-fixes). * clocksource: Fix brown-bag boolean thinko in (git-fixes) * clocksource: Make watchdog and suspend-timing multiplication (git-fixes) * crypto: lrw - Only add ecb if it is not already there (git-fixes). * crypto: lzo - Fix compression buffer overrun (stable-fixes). * crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes). * crypto: marvell/cesa - Do not chain submitted requests (git-fixes). * crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes). * crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes). * crypto: qat - add shutdown handler to qat_420xx (git-fixes). * crypto: qat - add shutdown handler to qat_4xxx (git-fixes). * crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes). * crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes). * crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes). * crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git- fixes). * crypto: xts - Only add ecb if it is not already there (git-fixes). * devlink: Fix referring to hw_addr attribute during state validation (git- fixes). * devlink: fix port dump cmd type (git-fixes). * dlm: mask sk_shutdown value (bsc#1228854). * dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854). * dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes). * dmaengine: ti: Add NULL check in udma_probe() (git-fixes). * drivers/rapidio/rio_cm.c: prevent possible heap overwrite(stable-fixes). * drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable- fixes). * drm/amd/display: Add debugging message for brightness caps (bsc#1240650). * drm/amd/display: Add null pointer check for get_first_active_display() (git- fixes). * drm/amd/display: Add support for disconnected eDP streams (stable-fixes). * drm/amd/display: Call FP Protect Before Mode Programming/Mode Support (stable-fixes). * drm/amd/display: Configure DTBCLK_P with OPTC only for dcn401 (stable- fixes). * drm/amd/display: Correct timing_adjust_pending flag setting (stable-fixes). * drm/amd/display: Defer BW-optimization-blocked DRR adjustments (git-fixes). * drm/amd/display: Do not enable replay when vtotal update is pending (stable- fixes). * drm/amd/display: Do not treat wb connector as physical in create_validate_stream_for_sink (stable-fixes). * drm/amd/display: Do not try AUX transactions on disconnected link (stable- fixes). * drm/amd/display: Ensure DMCUB idle before reset on DCN31/DCN35 (stable- fixes). * drm/amd/display: Fix BT2020 YCbCr limited/full range input (stable-fixes). * drm/amd/display: Fix DMUB reset sequence for DCN401 (stable-fixes). * drm/amd/display: Fix default DC and AC levels (bsc#1240650). * drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable- fixes). * drm/amd/display: Fix p-state type when p-state is unsupported (stable- fixes). * drm/amd/display: Guard against setting dispclk low for dcn31x (stable- fixes). * drm/amd/display: Guard against setting dispclk low when active (stable- fixes). * drm/amd/display: Increase block_sequence array size (stable-fixes). * drm/amd/display: Initial psr_version with correct setting (stable-fixes). * drm/amd/display: Populate register address for dentist for dcn401 (stable- fixes). * drm/amd/display: Read LTTPR ALPM caps during link cap retrieval (stable- fixes). * drm/amd/display: Request HW cursor on DCN3.2 with SubVP(stable-fixes). * drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes). * drm/amd/display: Support multiple options during psr entry (stable-fixes). * drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes). * drm/amd/display: Use Nominal vBlank If Provided Instead Of Capping It (stable-fixes). * drm/amd/display: calculate the remain segments for all pipes (stable-fixes). * drm/amd/display: check stream id dml21 wrapper to get plane_id (stable- fixes). * drm/amd/display: fix dcn4x init failed (stable-fixes). * drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes). * drm/amd/display: handle max_downscale_src_width fail check (stable-fixes). * drm/amd/display: not abort link train when bw is low (stable-fixes). * drm/amd/display: pass calculated dram_speed_mts to dml2 (stable-fixes). * drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable- fixes). * drm/amd/pm: Fetch current power limit from PMFW (stable-fixes). * drm/amd/pm: Skip P2S load for SMU v13.0.12 (stable-fixes). * drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes). * drm/amd: Adjust output for discovery error handling (git-fixes). * drm/amdgpu/discovery: check ip_discovery fw file available (stable-fixes). * drm/amdgpu/gfx11: do not read registers in mqd init (stable-fixes). * drm/amdgpu/gfx12: do not read registers in mqd init (stable-fixes). * drm/amdgpu/mes11: fix set_hw_resources_1 calculation (stable-fixes). * drm/amdgpu: Allow P2P access through XGMI (stable-fixes). * drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes). * drm/amdgpu: Fix missing drain retry fault the last entry (stable-fixes). * drm/amdgpu: Fix the race condition for draining retry fault (stable-fixes). * drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes). * drm/amdgpu: Skip pcie_replay_count sysfs creation for VF(stable-fixes). * drm/amdgpu: Update SRIOV video codec caps (stable-fixes). * drm/amdgpu: Use active umc info from discovery (stable-fixes). * drm/amdgpu: adjust drm_firmware_drivers_only() handling (stable-fixes). * drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes). * drm/amdgpu: read back register after written for VCN v4.0.5 (stable-fixes). * drm/amdgpu: release xcp_mgr on exit (stable-fixes). * drm/amdgpu: remove all KFD fences from the BO on release (stable-fixes). * drm/amdgpu: reset psp-> cmd to NULL after releasing the buffer (stable- fixes). * drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes). * drm/amdkfd: Correct F8_MODE for gfx950 (git-fixes). * drm/amdkfd: KFD release_work possible circular locking (stable-fixes). * drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes). * drm/amdkfd: Set per-process flags only once for gfx9/10/11/12 (stable- fixes). * drm/amdkfd: fix missing L2 cache info in topology (stable-fixes). * drm/amdkfd: set precise mem ops caps to disabled for gfx 11 and 12 (stable- fixes). * drm/ast: Find VBIOS mode from regular display size (stable-fixes). * drm/ast: Fix comment on modeset lock (git-fixes). * drm/atomic: clarify the rules around drm_atomic_state-> allow_modeset (stable-fixes). * drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes). * drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes). * drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes). * drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes). * drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes). * drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git- fixes). * drm/buddy: fix issue that force_merge cannot free all roots (stable-fixes). * drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes). * drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1(git-fixes). * drm/i915/guc: Check if expecting reply before decrementing outstanding_submission_g2h (git-fixes). * drm/i915/guc: Handle race condition where wakeref count drops below 0 (git- fixes). * drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes). * drm/i915/psr: Fix using wrong mask in REG_FIELD_PREP (git-fixes). * drm/i915: fix build error some more (git-fixes). * drm/mediatek: Fix kobject put for component sub-drivers (git-fixes). * drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable- fixes). * drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git- fixes). * drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git- fixes). * drm/msm/a6xx: Disable rgb565_predicator on Adreno 7c3 (git-fixes). * drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (git-fixes). * drm/msm/disp: Correct porch timing for SDM845 (git-fixes). * drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE before blend setup (git-fixes). * drm/msm/dpu: Clear CTL_FETCH_PIPE_ACTIVE on ctl_path reset (git-fixes). * drm/msm/dpu: enable SmartDMA on SC8180X (git-fixes). * drm/msm/dpu: enable SmartDMA on SM8150 (git-fixes). * drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes). * drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git- fixes). * drm/msm: Fix CP_RESET_CONTEXT_STATE bitfield names (git-fixes). * drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes). * drm/nouveau: fix the broken marco GSP_MSG_MAX_SIZE (stable-fixes). * drm/panel-edp: Add Starry 116KHD024006 (stable-fixes). * drm/panel-simple: fix the warnings for the Evervision VGG644804 (git-fixes). * drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes). * drm/panic: add missing space (git-fixes). * drm/panthor: Fix GPU_COHERENCY_ACE[_LITE] definitions (git-fixes). * drm/panthor: Update panthor_mmu::irq::mask when needed (git-fixes). * drm/rockchip: vop2: Add uv swap for cluster window(stable-fixes). * drm/rockchip: vop2: Improve display modes handling on RK3588 HDMI0 (stable- fixes). * drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes). * drm/tegra: Assign plane type before registration (git-fixes). * drm/tegra: Fix a possible null pointer dereference (git-fixes). * drm/tegra: rgb: Fix the unbound reference count (git-fixes). * drm/udl: Unregister device before cleaning up on disconnect (git-fixes). * drm/v3d: Add clock handling (stable-fixes). * drm/v3d: Avoid NULL pointer dereference in `v3d_job_update_stats()` (stable- fixes). * drm/vc4: tests: Use return instead of assert (git-fixes). * drm/vkms: Adjust vkms_state-> active_planes allocation type (git-fixes). * drm/vmwgfx: Add error path for xa_store in vmw_bo_add_detached_resource (git-fixes). * drm/vmwgfx: Add seqno waiter for sync_files (git-fixes). * drm/vmwgfx: Fix dumb buffer leak (git-fixes). * drm/xe/bmg: Update Wa_16023588340 (git-fixes). * drm/xe/d3cold: Set power state to D3Cold during s2idle/s3 (git-fixes). * drm/xe/debugfs: Add missing xe_pm_runtime_put in wedge_mode_set (stable- fixes). * drm/xe/debugfs: fixed the return value of wedged_mode_set (stable-fixes). * drm/xe/display: Add check for alloc_ordered_workqueue() (git-fixes). * drm/xe/gt: Update handling of xe_force_wake_get return (stable-fixes). * drm/xe/oa: Ensure that polled read returns latest data (stable-fixes). * drm/xe/pf: Create a link between PF and VF devices (stable-fixes). * drm/xe/pf: Reset GuC VF config when unprovisioning critical resource (stable-fixes). * drm/xe/relay: Do not use GFP_KERNEL for new transactions (stable-fixes). * drm/xe/sa: Always call drm_suballoc_manager_fini() (stable-fixes). * drm/xe/sched: stop re-submitting signalled jobs (git-fixes). * drm/xe/vf: Retry sending MMIO request to GUC on timeout error (stable- fixes). * drm/xe/vm: move rebind_work init earlier (git-fixes). * drm/xe/xe2hpg: Add Wa_22021007897 (stable-fixes). * drm/xe: Create LRCBO without VM (git-fixes). * drm/xe: Do not attempt to bootstrap VF in execlists mode (stable-fixes). * drm/xe: Fix memset on iomem (git-fixes). * drm/xe: Fix xe_tile_init_noalloc() error propagation (stable-fixes). * drm/xe: Make xe_gt_freq part of the Documentation (git-fixes). * drm/xe: Move suballocator init to after display init (stable-fixes). * drm/xe: Nuke VM's mapping upon close (stable-fixes). * drm/xe: Process deferred GGTT node removals on device unwind (git-fixes). * drm/xe: Reject BO eviction if BO is bound to current VM (stable-fixes). * drm/xe: Retry BO allocation (stable-fixes). * drm/xe: Rework eviction rejection of bound external bos (git-fixes). * drm/xe: Save the gt pointer in lrc and drop the tile (stable-fixes). * drm/xe: Stop ignoring errors from xe_ttm_stolen_mgr_init() (stable-fixes). * drm/xe: Wire up device shutdown handler (stable-fixes). * drm/xe: remove unmatched xe_vm_unlock() from __xe_exec_queue_init() (git- fixes). * drm/xe: xe_gen_wa_oob: replace program_invocation_short_name (stable-fixes). * drm: Add valid clones check (stable-fixes). * drm: bridge: adv7511: fill stream capabilities (stable-fixes). * drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes). * dummycon: Trigger redraw when switching consoles with deferred takeover (git-fixes). * e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git- fixes). * efi/libstub: Describe missing 'out' parameter in efi_load_initrd (git- fixes). * fbcon: Make sure modelist not set on unregistered console (stable-fixes). * fbcon: Use correct erase colour for clearing in fbcon (stable-fixes). * fbdev/efifb: Remove PM for parent device (bsc#1244261). * fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes). * fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git- fixes). * fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes). * fbdev: core:tileblit: Implement missing margin clearing for tileblit (stable-fixes). * fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes). * fgraph: Still initialize idle shadow stacks when starting (git-fixes). * firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git- fixes). * firmware: arm_ffa: Reject higher major version as incompatible (stable- fixes). * firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes). * firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes). * firmware: psci: Fix refcount leak in psci_dt_init (git-fixes). * fpga: altera-cvp: Increase credit timeout (stable-fixes). * fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes). * gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes). * gpio: pca953x: Simplify code with cleanup helpers (stable-fixes). * gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes). * gpio: pca953x: fix IRQ storm on system wake up (git-fixes). * gpiolib: Revert "Do not WARN on gpiod_put() for optional GPIO" (stable- fixes). * gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes). * gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git- fixes). * hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes). * hwmon: (dell-smm) Increment the number of fans (stable-fixes). * hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes). * hwmon: (gpio-fan) Add missing mutex locks (stable-fixes). * hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes). * hwmon: (occ) Rework attribute registration for stack usage (git-fixes). * hwmon: (occ) fix unaligned accesses (git-fixes). * hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes). * hwmon: (xgene-hwmon) use appropriate type for the latency value (stable- fixes). * hwmon: corsair-psu: add USB id of HX1200i Series2023 psu (git-fixes). * i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes). * i2c: npcm: Add clock toggle recovery (stable-fixes). * i2c: pxa: fix call balance of i2c-> clk handling routines (stable-fixes). * i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes). * i2c: robotfuzz-osif: disable zero-length read messages (git-fixes). * i2c: tegra: check msg length in SMBUS block read (bsc#1242086) * i2c: tiny-usb: disable zero-length read messages (git-fixes). * i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes). * i3c: master: svc: Fix missing STOP for master request (stable-fixes). * i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes). * i40e: retry VFLR handling if there is ongoing VF reset (git-fixes). * i40e: return false from i40e_reset_vf if reset is in progress (git-fixes). * ice: Fix LACP bonds without SRIOV environment (git-fixes). * ice: create new Tx scheduler nodes for new queues only (git-fixes). * ice: fix Tx scheduler error handling in XDP callback (git-fixes). * ice: fix rebuilding the Tx scheduler tree for large queue counts (git- fixes). * ice: fix vf-> num_mac count with port representors (git-fixes). * ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes). * iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes). * iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes). * iio: adc: ad7606_spi: fix reg write value mask (git-fixes). * iio: filter: admv8818: Support frequencies > = 2^32 (git-fixes). * iio: filter: admv8818: fix band 4, state 15 (git-fixes). * iio: filter: admv8818: fix integer overflow (git-fixes). * iio: filter: admv8818: fix range calculation (git-fixes). * iio: imu: inv_icm42600: Fix temperature calculation (git-fixes). * ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650). * ima: process_measurement()needlessly takes inode_lock() on MAY_READ (stable-fixes). * intel_th: avoid using deprecated page-> mapping, index fields (stable-fixes). * iommu: Protect against overflow in iommu_pgsize() (git-fixes). * iommu: Skip PASID validation for devices without PASID capability (bsc#1244100) * iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100) * ip6mr: fix tables suspicious RCU usage (git-fixes). * ip_tunnel: annotate data-races around t-> parms.link (git-fixes). * ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes). * ipmr: fix tables suspicious RCU usage (git-fixes). * ipv4: Convert ip_route_input() to dscp_t (git-fixes). * ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes). * ipv6: save dontfrag in cork (git-fixes). * ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes). * isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774). * jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git- fixes). * jffs2: check that raw node were preallocated before writing summary (git- fixes). * kABI workaround for hda_codec.beep_just_power_on flag (git-fixes). * kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes). * kABI: ipv6: save dontfrag in cork (git-fixes). * kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git- fixes). * kabi: restore layout of struct cgroup_subsys (bsc#1241166). * kabi: restore layout of struct mem_control (jsc#PED-12551). * kabi: restore layout of struct page_counter (jsc#PED-12551). * kernel-source: Remove log.sh from sources * leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes). * loop: Add sanity check for read/write_iter (git-fixes). * loop: add file_start_write() and file_end_write() (git-fixes). * mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes). * md/raid1,raid10: do not handle IOerror for REQ_RAHEAD and REQ_NOWAIT (git- fixes). * md/raid1: Add check for missing source disk in process_checks() (git-fixes). * media: adv7180: Disable test-pattern control on adv7180 (stable-fixes). * media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes). * media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git- fixes). * media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git- fixes). * media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git- fixes). * media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git- fixes). * media: cx231xx: set device_caps for 417 (stable-fixes). * media: cxusb: no longer judge rbuf when the write fails (git-fixes). * media: davinci: vpif: Fix memory leak in probe error path (git-fixes). * media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes). * media: i2c: imx219: Correct the minimum vblanking value (stable-fixes). * media: imx-jpeg: Cleanup after an allocation error (git-fixes). * media: imx-jpeg: Drop the first error frames (git-fixes). * media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes). * media: imx-jpeg: Reset slot data pointers when freed (git-fixes). * media: intel/ipu6: Fix dma mask for non-secure mode (git-fixes). * media: ipu6: Remove workaround for Meteor Lake ES2 (git-fixes). * media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes). * media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes). * media: ov2740: Move pm-runtime cleanup on probe-errors to proper place (git- fixes). * media: ov5675: suppress probe deferral errors (git-fixes). * media: ov8856: suppress probe deferral errors (git-fixes). * media: platform: mtk-mdp3: Remove unused mdp_get_plat_device (git-fixes). * media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes). * media: rkvdec: Fix frame size enumeration(git-fixes). * media: tc358746: improve calculation of the D-PHY timing registers (stable- fixes). * media: test-drivers: vivid: do not call schedule in loop (stable-fixes). * media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes). * media: uvcvideo: Fix deferred probing error (git-fixes). * media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes). * media: uvcvideo: Return the number of processed controls (git-fixes). * media: v4l2-dev: fix error handling in __video_register_device() (git- fixes). * media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes). * media: venus: Fix probe error handling (git-fixes). * media: verisilicon: Free post processor buffers on error (git-fixes). * media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes). * media: vidtv: Terminating the subsequent process of initialization failure (git-fixes). * media: vivid: Change the siize of the composing (git-fixes). * mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes). * mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes). * mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes). * mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337). * mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551). * mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431). * mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431). * mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551). * mmc: Add quirk to disable DDR50 tuning (stable-fixes). * mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes). * mmc: host: Wait for Vdd to settle on card power off (stable-fixes). * mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes). * mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes). * mtd: nand:sunxi: Add randomizer configuration before randomizer enable (git-fixes). * mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes). * neighbour: Do not let neigh_forced_gc() disable preemption for long (git- fixes). * net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git- fixes). * net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes). * net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes). * net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git- fixes). * net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes). * net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes). * net/mlx5: Fix return value when searching for existing flow group (git- fixes). * net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes). * net/mlx5e: Fix leak of Geneve TLV option object (git-fixes). * net/neighbor: clear error in case strict check is not set (git-fixes). * net/sched: fix use-after-free in taprio_dev_notifier (git-fixes). * net: Fix TOCTOU issue in sk_is_readable() (git-fixes). * net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes). * net: add rcu safety to rtnl_prop_list_size() (git-fixes). * net: fix udp gso skb_segment after pull from frag_list (git-fixes). * net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes). * net: ice: Perform accurate aRFS flow match (git-fixes). * net: ipv4: fix a memleak in ip_setup_cork (git-fixes). * net: linkwatch: use system_unbound_wq (git-fixes). * net: mana: Add support for Multi Vports on Bare metal (bsc#1244229). * net: mana: Record doorbell physical address in PF mode (bsc#1244229). * net: page_pool: fix warning code (git-fixes). * net: phy: clear phydev-> devlink when the link is deleted (git-fixes). * net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git- fixes). * net: phy: movephy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538) * net: phy: mscc: Fix memory leak when using one step timestamping (git- fixes). * net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git- fixes). * net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes). * net: sched: consistently use rcu_replace_pointer() in taprio_change() (git- fixes). * net: sched: em_text: fix possible memory leak in em_text_destroy() (git- fixes). * net: sched: fix erspan_opt settings in cls_flower (git-fixes). * net: usb: aqc111: debug info before sanitation (git-fixes). * net: usb: aqc111: fix error handling of usbnet read calls (git-fixes). * net: wwan: t7xx: Fix napi rx poll issue (git-fixes). * net_sched: ets: fix a race in ets_qdisc_change() (git-fixes). * net_sched: prio: fix a race in prio_tune() (git-fixes). * net_sched: red: fix a race in __red_change() (git-fixes). * net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312) * net_sched: sch_sfq: reject invalid perturb period (git-fixes). * net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504) * net_sched: tbf: fix a race in tbf_change() (git-fixes). * netdev-genl: Hold rcu_read_lock in napi_get (git-fixes). * netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes). * netlink: specs: dpll: replace underscores with dashes in names (git-fixes). * netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes). * netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes). * nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes). * nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git- fixes). * nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes). * ntp: Clamp maxerror and esterror to operating range (git-fixes) * ntp: Remove invalid cast in time offset math (git-fixes) * ntp: Safeguard against time_constantoverflow (git-fixes) * nvme-fc: do not reference lsrsp after failure (bsc#1245193). * nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git- fixes). * nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes). * nvme-pci: add quirks for device 126f:1001 (git-fixes). * nvme: always punt polled uring_cmd end_io work to task_work (git-fixes). * nvme: fix command limits status code (git-fixes). * nvme: fix implicit bool to flags conversion (git-fixes). * nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193). * nvmet-fc: take tgtport refs for portentry (bsc#1245193). * nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193). * nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193). * nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193). * nvmet-fcloop: do not wait for lport cleanup (bsc#1245193). * nvmet-fcloop: drop response if targetport is gone (bsc#1245193). * nvmet-fcloop: prevent double port deletion (bsc#1245193). * nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193). * nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193). * nvmet-fcloop: remove nport from list on last user (bsc#1245193). * nvmet-fcloop: track ref counts for nports (bsc#1245193). * nvmet-fcloop: update refs on tfcp_req (bsc#1245193). * orangefs: Do not truncate file size (git-fixes). * pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes). * page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes). * phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes). * phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes). * phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable- fixes). * phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes). * phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes). * phy: renesas: rcar-gen3-usb2: Move IRQ request inprobe (stable-fixes). * pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes). * pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable- fixes). * pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes). * pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes). * pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes). * pinctrl: armada-37xx: set GPIO output value before setting direction (git- fixes). * pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git- fixes). * pinctrl: at91: Fix possible out-of-boundary access (git-fixes). * pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned" (stable- fixes). * pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes). * pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes). * pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable- fixes). * pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes). * pinctrl: st: Drop unused st_gpio_bank() function (git-fixes). * pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes). * platform/x86/amd/hsmp: Add new error code and error logs (jsc#PED-13094). * platform/x86/amd/hsmp: Add support for HSMP protocol version 7 messages (jsc#PED-13094). * platform/x86/amd/hsmp: Change generic plat_dev name to hsmp_pdev (jsc#PED-13094). * platform/x86/amd/hsmp: Change the error type (jsc#PED-13094). * platform/x86/amd/hsmp: Convert amd_hsmp_rdwr() to a function pointer (jsc#PED-13094). * platform/x86/amd/hsmp: Create hsmp/ directory (jsc#PED-13094). * platform/x86/amd/hsmp: Create separate ACPI, plat and common drivers (jsc#PED-13094). * platform/x86/amd/hsmp: Create wrapper function init_acpi() (jsc#PED-13094). * platform/x86/amd/hsmp: Make amd_hsmp and hsmp_acpi as mutually exclusive drivers (jsc#PED-13094). * platform/x86/amd/hsmp: Make hsmp_pdev static instead of global (jsc#PED-13094). * platform/x86/amd/hsmp: Move ACPI code to acpi.c (jsc#PED-13094). * platform/x86/amd/hsmp: Move platform device specific code to plat.c (jsc#PED-13094). * platform/x86/amd/hsmp: Move structure and macros to header file (jsc#PED-13094). * platform/x86/amd/hsmp: Report power via hwmon sensor (jsc#PED-13094). * platform/x86/amd/hsmp: Use a single DRIVER_VERSION for all hsmp modules (jsc#PED-13094). * platform/x86/amd/hsmp: Use dev_groups in the driver structure (jsc#PED-13094). * platform/x86/amd/hsmp: Use name space while exporting module symbols (jsc#PED-13094). * platform/x86/amd/hsmp: acpi: Add sysfs files to display HSMP telemetry (jsc#PED-13094). * platform/x86/amd/hsmp: fix building with CONFIG_HWMON=m (jsc#PED-13094). * platform/x86/amd/hsmp: mark hsmp_msg_desc_table as maybe_unused (git-fixes). * platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes). * platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes). * platform/x86: amd: Use _-y instead of_ -objs in Makefiles (jsc#PED-13094). * platform/x86: dell_rbu: Fix list usage (git-fixes). * platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes). * platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes). * platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes). * platform/x86: hp-bioscfg: Annotate struct bios_args with __counted_by (jsc#PED-13019). * platform/x86: hp-bioscfg: Change how enum possible values size is evaluated (jsc#PED-13019). * platform/x86: hp-bioscfg: Change how order list size is evaluated (jsc#PED-13019). * platform/x86: hp-bioscfg: Change how password encoding size is evaluated (jsc#PED-13019). * platform/x86: hp-bioscfg: Change how prerequisites size is evaluated (jsc#PED-13019). * platform/x86: hp-bioscfg: Fix error handling inhp_add_other_attributes() (jsc#PED-13019). * platform/x86: hp-bioscfg: Fix memory leaks in attribute packages (jsc#PED-13019). * platform/x86: hp-bioscfg: Fix reference leak (jsc#PED-13019). * platform/x86: hp-bioscfg: Fix uninitialized variable errors (jsc#PED-13019). * platform/x86: hp-bioscfg: Makefile (jsc#PED-13019). * platform/x86: hp-bioscfg: Remove duplicate use of variable in inner loop (jsc#PED-13019). * platform/x86: hp-bioscfg: Remove unused obj in hp_add_other_attributes() (jsc#PED-13019). * platform/x86: hp-bioscfg: Removed needless asm-generic (jsc#PED-13019). * platform/x86: hp-bioscfg: Replace the word HACK from source code (jsc#PED-13019). * platform/x86: hp-bioscfg: Simplify return check in hp_add_other_attributes() (jsc#PED-13019). * platform/x86: hp-bioscfg: Update steps order list elements are evaluated (jsc#PED-13019). * platform/x86: hp-bioscfg: Use kmemdup() to replace kmalloc + memcpy (jsc#PED-13019). * platform/x86: hp-bioscfg: biosattr-interface (jsc#PED-13019). * platform/x86: hp-bioscfg: bioscfg (jsc#PED-13019). * platform/x86: hp-bioscfg: bioscfg-h (jsc#PED-13019). * platform/x86: hp-bioscfg: enum-attributes (jsc#PED-13019). * platform/x86: hp-bioscfg: fix a signedness bug in hp_wmi_perform_query() (jsc#PED-13019). * platform/x86: hp-bioscfg: fix error reporting in hp_add_other_attributes() (jsc#PED-13019). * platform/x86: hp-bioscfg: int-attributes (jsc#PED-13019). * platform/x86: hp-bioscfg: move mutex_lock() down in hp_add_other_attributes() (jsc#PED-13019). * platform/x86: hp-bioscfg: order-list-attributes (jsc#PED-13019). * platform/x86: hp-bioscfg: passwdobj-attributes (jsc#PED-13019). * platform/x86: hp-bioscfg: prevent a small buffer overflow (jsc#PED-13019). * platform/x86: hp-bioscfg: spmobj-attributes (jsc#PED-13019). * platform/x86: hp-bioscfg: string-attributes (jsc#PED-13019). * platform/x86: hp-bioscfg: surestart-attributes (jsc#PED-13019). * platform/x86: ideapad-laptop:use usleep_range() for EC polling (git-fixes). * platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes). * platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes). * platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes). * power: reset: at91-reset: Optimize at91_reset() (git-fixes). * power: supply: bq27xxx: Retrieve again when busy (stable-fixes). * power: supply: collie: Fix wakeup source leaks on device unbind (stable- fixes). * powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199). * powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790). * powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199). * powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790). * pstore: Change kmsg_bytes storage size to u32 (git-fixes). * ptp: ocp: fix start time alignment in ptp_ocp_signal_set (git-fixes). * ptp: ocp: reject unsupported periodic output flags (git-fixes). * ptp: remove ptp-> n_vclocks check logic in ptp_vclock_in_use() (git-fixes). * r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes). * regulator: ad5398: Add device tree support (stable-fixes). * regulator: max14577: Add error check for max14577_read_reg() (git-fixes). * regulator: max20086: Change enable gpio to optional (git-fixes). * regulator: max20086: Fix MAX200086 chip id (git-fixes). * regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes). * rpm/check-for-config-changes: add more to IGNORED_CONFIGS_RE Useful when someone tries (needs) to build the kernel with clang. * rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725) * rpm: Stop using is_kotd_qa macro This macro is set by bs-upload-kernel, and a conditional in each spec file is used to determine when to build the spec file.This logic should not really be in the spec file. Previously this was done with package links and package meta for the individula links. However, the use of package links is rejected for packages in git based release projects (nothing to do with git actually, new policy). An alternative to package links is multibuild. However, for multibuild packages package meta cannot be used to set which spec file gets built. Use prjcon buildflags instead, and remove this conditional. Depends on bs-upload-kernel adding the build flag. * rtc: Fix offset calculation for .start_secs < 0 (git-fixes). * rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes). * rtc: at91rm9200: drop unused module alias (git-fixes). * rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes). * rtc: cpcap: drop unused module alias (git-fixes). * rtc: da9063: drop unused module alias (git-fixes). * rtc: ds1307: stop disabling alarms on probe (stable-fixes). * rtc: jz4740: drop unused module alias (git-fixes). * rtc: pm8xxx: drop unused module alias (git-fixes). * rtc: rv3032: fix EERD location (stable-fixes). * rtc: s3c: drop unused module alias (git-fixes). * rtc: sh: assign correct interrupts with DT (git-fixes). * rtc: stm32: drop unused module alias (git-fixes). * s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145). * s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226). * s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145). * s390/pci: Fix potential double remove of hotplug slot (bsc#1244145). * s390/pci: Prevent self deletion in disable_slot() (bsc#1244145). * s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145). * s390/pci: Serialize device addition and removal (bsc#1244145). * s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145). * s390/pci: remove hotplug slot whenreleasing the device (bsc#1244145). * s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145). * s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228). * scsi: Improve CDL control (git-fixes). * scsi: dc395x: Remove DEBUG conditional compilation (git-fixes). * scsi: dc395x: Remove leftover if statement in reselect() (git-fixes). * scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes). * scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes). * scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git- fixes). * scsi: iscsi: Fix incorrect error path labels for flashnode operations (git- fixes). * scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes). * scsi: mpi3mr: Add level check to control event logging (git-fixes). * scsi: mpt3sas: Fix _ctl_get_mpt_mctp_passthru_adapter() to return IOC pointer (git-fixes). * scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes). * scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes). * scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git- fixes). * scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git- fixes). * scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels (git-fixes). * scsi: st: ERASE does not change tape location (git-fixes). * scsi: st: Restore some drive settings after reset (git-fixes). * scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes). * scsi: storvsc: Do not report the host packet status as the hv status (git- fixes). * scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes). * selftests/bpf: Fix bpf_nf selftest failure (git-fixes). * selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes). * selftests/net: have `gro.sh -t` return a correct exit code (stable-fixes). * selftests/seccomp: fix syscall_restarttest for arm compat (git-fixes). * serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes). * serial: core: restore of_node information in sysfs (git-fixes). * serial: imx: Restore original RXTL for console to fix data loss (git-fixes). * serial: jsm: fix NPE during jsm_uart_port_init (git-fixes). * serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes). * serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes). * serial: sh-sci: Save and restore more registers (git-fixes). * serial: sh-sci: Update the suspend/resume support (stable-fixes). * smb3: fix Open files on server counter going negative (git-fixes). * smb: client: Use str_yes_no() helper function (git-fixes). * smb: client: allow more DFS referrals to be cached (git-fixes). * smb: client: avoid unnecessary reconnects when refreshing referrals (git- fixes). * smb: client: change return value in open_cached_dir_by_dentry() if !cfids (git-fixes). * smb: client: do not retry DFS targets on server shutdown (git-fixes). * smb: client: do not trust DFSREF_STORAGE_SERVER bit (git-fixes). * smb: client: do not try following DFS links in cifs_tree_connect() (git- fixes). * smb: client: fix DFS interlink failover (git-fixes). * smb: client: fix DFS mount against old servers with NTLMSSP (git-fixes). * smb: client: fix hang in wait_for_response() for negproto (bsc#1242709). * smb: client: fix potential race in cifs_put_tcon() (git-fixes). * smb: client: fix return value of parse_dfs_referrals() (git-fixes). * smb: client: get rid of @nlsc param in cifs_tree_connect() (git-fixes). * smb: client: get rid of TCP_Server_Info::refpath_lock (git-fixes). * smb: client: get rid of kstrdup() in get_ses_refpath() (git-fixes). * smb: client: improve purging of cached referrals (git-fixes). * smb: client: introduce av_for_each_entry() helper (git-fixes). * smb: client: optimize referral walk on failed link targets (git-fixes). * smb: client: parse DNSdomain name from domain= option (git-fixes). * smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (git-fixes). * smb: client: provide dns_resolve_{unc,name} helpers (git-fixes). * smb: client: refresh referral without acquiring refpath_lock (git-fixes). * smb: client: remove unnecessary checks in open_cached_dir() (git-fixes). * soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes). * soc: aspeed: lpc: Fix impossible judgment condition (git-fixes). * soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes). * soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable- fixes). * software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes). * soundwire: amd: change the soundwire wake enable/disable sequence (stable- fixes). * spi-rockchip: Fix register out of bounds access (stable-fixes). * spi: bcm63xx-hsspi: fix shared reset (git-fixes). * spi: bcm63xx-spi: fix shared reset (git-fixes). * spi: sh-msiof: Fix maximum DMA transfer size (git-fixes). * spi: spi-sun4i: fix early activation (stable-fixes). * spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git- fixes). * spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes). * spi: tegra210-quad: remove redundant error handling code (git-fixes). * spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes). * staging: iio: ad5933: Correct settling cycles encoding per datasheet (git- fixes). * staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git- fixes). * struct usci: hide additional member (git-fixes). * sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git- fixes). * supported.conf: Add SNP SVSM vTPM driver * supported.conf: add it * supported.conf: support firmware_attributes_class * svsm: Add header with SVSM_VTPM_CMD helpers (bsc#1241191). * sysfb: Fix screen_info type check for VGA (git-fixes). * tcp/dccp: allow a connection whensk_max_ack_backlog is zero (git-fixes). * tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes). * tcp/dccp: complete lockless accesses to sk-> sk_max_ack_backlog (git-fixes). * tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes). * tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes). * thermal/drivers/mediatek/lvts: Fix debugfs unregister on failure (git- fixes). * thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes). * thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes). * thunderbolt: Do not double dequeue a configuration request (stable-fixes). * thunderbolt: Fix a logic error in wake on connect (git-fixes). * thunderbolt: Improve redrive mode handling (git-fixes). * timekeeping: Fix bogus clock_was_set() invocation in (git-fixes) * timekeeping: Fix cross-timestamp interpolation corner case (git-fixes) * timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes) * timekeeping: Fix cross-timestamp interpolation on counter (git-fixes) * tpm: Add SNP SVSM vTPM driver (bsc#1241191). * tpm: Make chip-> {status,cancel,req_canceled} opt (bsc#1241191). * trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes). * tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git- fixes). * tracing: Add __print_dynamic_array() helper (bsc#1243544). * tracing: Add __string_len() example (bsc#1243544). * tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git- fixes). * tracing: Fix compilation warning on arm32 (bsc#1243551). * tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes). * truct dwc3 hide new member wakeup_pending_funcs (git-fixes). * tty: serial: 8250_omap: fix TX with DMA for am33xx (git-fixes). * ucsi_debugfs_entry: hide signedness change (git-fixes). * udp: annotate data-races around up-> pending (git-fixes). * udp: fix incorrect parameter validation inthe udp_lib_getsockopt() function (git-fixes). * udp: fix receiving fraglist GSO packets (git-fixes). * udp: preserve the connected status if only UDP cmsg (git-fixes). * uprobes: Use kzalloc to allocate xol area (git-fixes). * usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes). * usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes). * usb: cdnsp: Fix issue with detecting command completion event (git-fixes). * usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes). * usb: misc: onboard_usb_dev: fix support for Cypress HX3 hubs (git-fixes). * usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes). * usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes). * usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable- fixes). * usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes). * usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous work (git- fixes). * usb: typec: ucsi: Only enable supported notifications (git-fixes). * usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git- fixes). * usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes). * usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes). * usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes). * usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes). * usb: usbtmc: Fix timeout value in get_stb (git-fixes). * usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes). * usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes). * vgacon: Add check for vc_origin address range in vgacon_scroll() (git- fixes). * vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626). * vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626). * vmxnet3: update MTU after device quiesce (bsc#1244626). * vt: removeVT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes). * watchdog: da9052_wdt: respect TWDMIN (stable-fixes). * watchdog: exar: Shorten identity name to fit correctly (git-fixes). * watchdog: fix watchdog may detect false positive of softlockup (stable- fixes). * watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes). * watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes). * wifi: ath11k: Fix QMI memory reuse logic (stable-fixes). * wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git- fixes). * wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes). * wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes). * wifi: ath11k: do not wait when there is no vdev started (git-fixes). * wifi: ath11k: fix node corruption in ar-> arvifs list (git-fixes). * wifi: ath11k: fix ring-buffer corruption (git-fixes). * wifi: ath11k: fix rx completion meta data corruption (git-fixes). * wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes). * wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes). * wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847). * wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes). * wifi: ath12k: ACPI CCA threshold support (bsc#1240998). * wifi: ath12k: ACPI SAR support (bsc#1240998). * wifi: ath12k: ACPI TAS support (bsc#1240998). * wifi: ath12k: ACPI band edge channel power support (bsc#1240998). * wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes). * wifi: ath12k: Add additional checks for vif and sta iterators (bsc#1240998). * wifi: ath12k: Add firmware coredump collection support (bsc#1240998). * wifi: ath12k: Add htt_stats_dump file ops support (bsc#1240998). * wifi: ath12k: Add lock to protect the hardware state (bsc#1240998). * wifi: ath12k: Add missing htt_metadata flag inath12k_dp_tx() (bsc#1240998). * wifi: ath12k: Add support to enable debugfs_htt_stats (bsc#1240998). * wifi: ath12k: Add support to parse requested stats_type (bsc#1240998). * wifi: ath12k: Avoid -Wflex-array-member-not-at-end warnings (bsc#1240998). * wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes). * wifi: ath12k: Cache vdev configs before vdev create (bsc#1240998). * wifi: ath12k: Dump additional Tx PDEV HTT stats (bsc#1240998). * wifi: ath12k: Fetch regdb.bin file from board-2.bin (stable-fixes). * wifi: ath12k: Fix WARN_ON during firmware crash in split-phy (bsc#1240998). * wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes). * wifi: ath12k: Fix buffer overflow in debugfs (bsc#1240998). * wifi: ath12k: Fix devmem address prefix when logging (bsc#1240998). * wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes). * wifi: ath12k: Fix for out-of bound access error (bsc#1240998). * wifi: ath12k: Fix invalid memory access while forming 802.11 header (git- fixes). * wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes). * wifi: ath12k: Fix pdev id sent to firmware for single phy devices (bsc#1240998). * wifi: ath12k: Fix the QoS control field offset to build QoS header (git- fixes). * wifi: ath12k: Handle error cases during extended skb allocation (git-fixes). * wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable- fixes). * wifi: ath12k: Introduce device index (bsc#1240998). * wifi: ath12k: Modify add and remove chanctx ops for single wiphy support (bsc#1240998). * wifi: ath12k: Modify print_array_to_buf() to support arrays with 1-based semantics (bsc#1240998). * wifi: ath12k: Modify rts threshold mac op for single wiphy (bsc#1240998). * wifi: ath12k: Modify set and get antenna mac ops for single wiphy (bsc#1240998). * wifi: ath12k: Optimize the lock contention of used list in Rx data path (bsc#1240998). * wifi: ath12k: Passcorrect values of center freq1 and center freq2 for 160 MHz (stable-fixes). * wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash (bsc#1240998). * wifi: ath12k: Refactor Rxdma buffer replinish argument (bsc#1240998). * wifi: ath12k: Refactor data path cmem init (bsc#1240998). * wifi: ath12k: Refactor error handler of Rxdma replenish (bsc#1240998). * wifi: ath12k: Refactor idle ring descriptor setup (bsc#1240998). * wifi: ath12k: Refactor the hardware cookie conversion init (bsc#1240998). * wifi: ath12k: Refactor the hardware recovery procedure (bsc#1240998). * wifi: ath12k: Refactor the hardware state (bsc#1240998). * wifi: ath12k: Remove unsupported tx monitor handling (bsc#1240998). * wifi: ath12k: Remove unused ath12k_base from ath12k_hw (bsc#1240998). * wifi: ath12k: Remove unused tcl_*_ring configuration (bsc#1240998). * wifi: ath12k: Replace "chip" with "device" in hal Rx return buffer manager (bsc#1240998). * wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes). * wifi: ath12k: Resolve multicast packet drop by populating key_cipher in ath12k_install_key() (bsc#1240998). * wifi: ath12k: Support BE OFDMA Pdev Rate Stats (bsc#1240998). * wifi: ath12k: Support DMAC Reset Stats (bsc#1240998). * wifi: ath12k: Support Pdev OBSS Stats (bsc#1240998). * wifi: ath12k: Support Pdev Scheduled Algorithm Stats (bsc#1240998). * wifi: ath12k: Support Ring and SFM stats (bsc#1240998). * wifi: ath12k: Support Self-Generated Transmit stats (bsc#1240998). * wifi: ath12k: Support TQM stats (bsc#1240998). * wifi: ath12k: Support Transmit DE stats (bsc#1240998). * wifi: ath12k: Support Transmit Scheduler stats (bsc#1240998). * wifi: ath12k: Support pdev CCA Stats (bsc#1240998). * wifi: ath12k: Support pdev Transmit Multi-user stats (bsc#1240998). * wifi: ath12k: Support pdev error stats (bsc#1240998). * wifi: ath12k: add 6 GHz params in peer assoc command (bsc#1240998). * wifi: ath12k: add ATH12K_DBG_WOW loglevel (bsc#1240998). * wifi: ath12k: add EMA beacon support (bsc#1240998). * wifi: ath12k: add MBSSID beacon support (bsc#1240998). * wifi: ath12k: add WoW net-detect functionality (bsc#1240998). * wifi: ath12k: add basic WoW functionalities (bsc#1240998). * wifi: ath12k: add channel 2 into 6 GHz channel list (bsc#1240998). * wifi: ath12k: add hw_link_id in ath12k_pdev (bsc#1240998). * wifi: ath12k: add missing lockdep_assert_wiphy() for ath12k_mac_op_ functions (bsc#1240998). * wifi: ath12k: add multi device support for WBM idle ring buffer setup (bsc#1240998). * wifi: ath12k: add multiple radio support in a single MAC HW un/register (bsc#1240998). * wifi: ath12k: add panic handler (bsc#1240998). * wifi: ath12k: add support to handle beacon miss for WCN7850 (bsc#1240998). * wifi: ath12k: advertise driver capabilities for MBSSID and EMA (bsc#1240998). * wifi: ath12k: allocate dummy net_device dynamically (bsc#1240998). * wifi: ath12k: ath12k_mac_op_set_key(): fix uninitialized symbol 'ret' (bsc#1240998). * wifi: ath12k: ath12k_mac_op_sta_state(): clean up update_wk cancellation (bsc#1240998). * wifi: ath12k: ath12k_mac_set_key(): remove exit label (bsc#1240998). * wifi: ath12k: avoid double SW2HW_MACID conversion (bsc#1240998). * wifi: ath12k: avoid duplicated vdev down (bsc#1240998). * wifi: ath12k: avoid redundant code in Rx cookie conversion init (bsc#1240998). * wifi: ath12k: avoid stopping mac80211 queues in ath12k_core_restart() (bsc#1240998). * wifi: ath12k: avoid unnecessary MSDU drop in the Rx error process (bsc#1240998). * wifi: ath12k: change supports_suspend to true for WCN7850 (bsc#1240998). * wifi: ath12k: cleanup unneeded labels (bsc#1240998). * wifi: ath12k: configure MBSSID parameters in AP mode (bsc#1240998). * wifi: ath12k: configure MBSSID params in vdev create/start (bsc#1240998). * wifi: ath12k: convert struct ath12k_sta::update_wk to use struct wiphy_work (bsc#1240998). * wifi: ath12k: correct thecapital word typo (bsc#1240998). * wifi: ath12k: create a structure for WMI vdev up parameters (bsc#1240998). * wifi: ath12k: debugfs: radar simulation support (bsc#1240998). * wifi: ath12k: decrease MHI channel buffer length to 8KB (bsc#1240998). * wifi: ath12k: delete NSS and TX power setting for monitor vdev (bsc#1240998). * wifi: ath12k: displace the Tx and Rx descriptor in cookie conversion table (bsc#1240998). * wifi: ath12k: do not dump SRNG statistics during resume (bsc#1240998). * wifi: ath12k: do not process consecutive RDDM event (bsc#1240998). * wifi: ath12k: do not use %pK in dmesg format strings (bsc#1240998). * wifi: ath12k: dynamic VLAN support (bsc#1240998). * wifi: ath12k: dynamically update peer puncturing bitmap for STA (bsc#1240998). * wifi: ath12k: enable WIPHY_FLAG_DISABLE_WEXT (bsc#1240998). * wifi: ath12k: enable service flag for survey dump stats (bsc#1240998). * wifi: ath12k: extend the link capable flag (bsc#1240998). * wifi: ath12k: fetch correct radio based on vdev status (bsc#1240998). * wifi: ath12k: fix A-MSDU indication in monitor mode (bsc#1240998). * wifi: ath12k: fix ACPI warning when resume (bsc#1240998). * wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (git-fixes). * wifi: ath12k: fix NULL pointer access in ath12k_mac_op_get_survey() (bsc#1240998). * wifi: ath12k: fix Smatch warnings on ath12k_core_suspend() (bsc#1240998). * wifi: ath12k: fix a possible dead lock caused by ab-> base_lock (stable- fixes). * wifi: ath12k: fix ack signal strength calculation (bsc#1240998). * wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable- fixes). * wifi: ath12k: fix build vs old compiler (bsc#1240998). * wifi: ath12k: fix calling correct function for rx monitor mode (bsc#1240998). * wifi: ath12k: fix cleanup path after mhi init (git-fixes). * wifi: ath12k: fix desc address calculation in wbm tx completion (bsc#1240998). * wifi: ath12k: fix driver initialization forWoW unsupported devices (bsc#1240998). * wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes). * wifi: ath12k: fix flush failure in recovery scenarios (bsc#1240998). * wifi: ath12k: fix hal_rx_buf_return_buf_manager documentation (bsc#1240998). * wifi: ath12k: fix incorrect CE addresses (stable-fixes). * wifi: ath12k: fix invalid access to memory (git-fixes). * wifi: ath12k: fix key cache handling (bsc#1240998). * wifi: ath12k: fix legacy peer association due to missing HT or 6 GHz capabilities (bsc#1240998). * wifi: ath12k: fix link capable flags (bsc#1240998). * wifi: ath12k: fix link valid field initialization in the monitor Rx (stable- fixes). * wifi: ath12k: fix mac id extraction when MSDU spillover in rx error path (bsc#1240998). * wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable- fixes). * wifi: ath12k: fix mbssid max interface advertisement (bsc#1240998). * wifi: ath12k: fix missing endianness conversion in wmi_vdev_create_cmd() (bsc#1240998). * wifi: ath12k: fix misspelling of "dma" in num_rxmda_per_pdev (bsc#1240998). * wifi: ath12k: fix node corruption in ar-> arvifs list (git-fixes). * wifi: ath12k: fix one more memcpy size error (bsc#1240998). * wifi: ath12k: fix per pdev debugfs registration (bsc#1240998). * wifi: ath12k: fix reusing outside iterator in ath12k_wow_vif_set_wakeups() (bsc#1240998). * wifi: ath12k: fix ring-buffer corruption (git-fixes). * wifi: ath12k: fix skb_ext_desc leak in ath12k_dp_tx() error path (bsc#1240998). * wifi: ath12k: fix struct hal_rx_mpdu_start (bsc#1240998). * wifi: ath12k: fix struct hal_rx_phyrx_rssi_legacy_info (bsc#1240998). * wifi: ath12k: fix struct hal_rx_ppdu_end_user_stats (bsc#1240998). * wifi: ath12k: fix struct hal_rx_ppdu_start (bsc#1240998). * wifi: ath12k: fix survey dump collection in 6 GHz (bsc#1240998). * wifi: ath12k: fix the ampdu id fetch in the HAL_RX_MPDU_START TLV (stable- fixes). *wifi: ath12k: fix the stack frame size warning in ath12k_mac_op_hw_scan (bsc#1240998). * wifi: ath12k: fix use-after-free in ath12k_dp_cc_cleanup() (bsc#1240998). * wifi: ath12k: fix warning on DMA ring capabilities event (bsc#1240998). * wifi: ath12k: flush all packets before suspend (bsc#1240998). * wifi: ath12k: handle keepalive during WoWLAN suspend and resume (bsc#1240998). * wifi: ath12k: handle symlink cleanup for per pdev debugfs dentry (bsc#1240998). * wifi: ath12k: implement WoW enable and wakeup commands (bsc#1240998). * wifi: ath12k: implement hardware data filter (bsc#1240998). * wifi: ath12k: improve the rx descriptor error information (bsc#1240998). * wifi: ath12k: initial debugfs support (bsc#1240998). * wifi: ath12k: make read-only array svc_id static const (bsc#1240998). * wifi: ath12k: modify ath12k mac start/stop ops for single wiphy (bsc#1240998). * wifi: ath12k: modify ath12k_get_arvif_iter() for MLO (bsc#1240998). * wifi: ath12k: modify ath12k_mac_op_bss_info_changed() for MLO (bsc#1240998). * wifi: ath12k: modify ath12k_mac_op_set_key() for MLO (bsc#1240998). * wifi: ath12k: modify ath12k_mac_vif_chan() for MLO (bsc#1240998). * wifi: ath12k: modify link arvif creation and removal for MLO (bsc#1240998). * wifi: ath12k: modify regulatory support for single wiphy architecture (bsc#1240998). * wifi: ath12k: modify remain on channel for single wiphy (bsc#1240998). * wifi: ath12k: move txbaddr/rxbaddr into struct ath12k_dp (bsc#1240998). * wifi: ath12k: no need to handle pktlog during suspend/resume (bsc#1240998). * wifi: ath12k: pass ath12k_link_vif instead of vif/ahvif (bsc#1240998). * wifi: ath12k: prepare sta data structure for MLO handling (bsc#1240998). * wifi: ath12k: prepare vif config caching for MLO (bsc#1240998). * wifi: ath12k: prepare vif data structure for MLO handling (bsc#1240998). * wifi: ath12k: read single_chip_mlo_support parameter from QMI PHY capability (bsc#1240998). * wifi: ath12k: rearrange IRQenable/disable in reset path (bsc#1240998). * wifi: ath12k: refactor SMPS configuration (bsc#1240998). * wifi: ath12k: refactor arvif security parameter configuration (bsc#1240998). * wifi: ath12k: refactor ath12k_hw_regs structure (stable-fixes). * wifi: ath12k: refactor rx descriptor CMEM configuration (bsc#1240998). * wifi: ath12k: remove MHI LOOPBACK channels (bsc#1240998). * wifi: ath12k: remove duplicate definition of MAX_RADIOS (bsc#1240998). * wifi: ath12k: remove duplicate definitions in wmi.h (bsc#1240998). * wifi: ath12k: remove invalid peer create logic (bsc#1240998). * wifi: ath12k: remove obsolete struct wmi_start_scan_arg (bsc#1240998). * wifi: ath12k: remove redundant peer delete for WCN7850 (bsc#1240998). * wifi: ath12k: remove unused variable monitor_flags (bsc#1240998). * wifi: ath12k: remove unused variable monitor_present (bsc#1240998). * wifi: ath12k: rename MBSSID fields in wmi_vdev_up_cmd (bsc#1240998). * wifi: ath12k: restore ASPM for supported hardwares only (bsc#1240998). * wifi: ath12k: scan statemachine changes for single wiphy (bsc#1240998). * wifi: ath12k: set mlo_capable_flags based on QMI PHY capability (bsc#1240998). * wifi: ath12k: skip sending vdev down for channel switch (bsc#1240998). * wifi: ath12k: support ARP and NS offload (bsc#1240998). * wifi: ath12k: support GTK rekey offload (bsc#1240998). * wifi: ath12k: support SMPS configuration for 6 GHz (bsc#1240998). * wifi: ath12k: support get_survey mac op for single wiphy (bsc#1240998). * wifi: ath12k: support suspend/resume (bsc#1240998). * wifi: ath12k: switch to using wiphy_lock() and remove ar-> conf_mutex (bsc#1240998). * wifi: ath12k: unregister per pdev debugfs (bsc#1240998). * wifi: ath12k: update ath12k_mac_op_conf_tx() for MLO (bsc#1240998). * wifi: ath12k: update ath12k_mac_op_update_vif_offload() for MLO (bsc#1240998). * wifi: ath12k: use 128 bytes aligned iova in transmit path for WCN7850 (bsc#1240998). * wifi: ath12k: use correct MAX_RADIOS(bsc#1240998). * wifi: ath12k: use tail MSDU to get MSDU information (bsc#1240998). * wifi: ath12k: using msdu end descriptor to check for rx multicast packets (stable-fixes). * wifi: ath12k: vdev statemachine changes for single wiphy (bsc#1240998). * wifi: ath9k: return by of_get_mac_address (stable-fixes). * wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes). * wifi: carl9170: do not ping device which has failed to load firmware (git- fixes). * wifi: cfg80211: allow IR in 20 MHz configurations (stable-fixes). * wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes). * wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes). * wifi: iwlwifi: add support for Killer on MTL (stable-fixes). * wifi: iwlwifi: do not warn during reprobe (stable-fixes). * wifi: iwlwifi: do not warn when if there is a FW error (stable-fixes). * wifi: iwlwifi: fix debug actions order (stable-fixes). * wifi: iwlwifi: fix the ECKV UEFI variable name (stable-fixes). * wifi: iwlwifi: mark Br device not integrated (stable-fixes). * wifi: iwlwifi: mvm: fix beacon CCK flag (stable-fixes). * wifi: iwlwifi: mvm: fix setting the TK when associated (stable-fixes). * wifi: iwlwifi: pcie: make sure to lock rxq-> read (stable-fixes). * wifi: iwlwifi: use correct IMR dump variable (stable-fixes). * wifi: iwlwifi: w/a FW SMPS mode selection (stable-fixes). * wifi: mac80211: VLAN traffic in multicast path (stable-fixes). * wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable- fixes). * wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable- fixes). * wifi: mac80211: fix beacon interval calculation overflow (git-fixes). * wifi: mac80211: fix warning on disconnect during failed ML reconf (stable- fixes). * wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes). * wifi: mac80211: set ieee80211_prep_tx_info::link_id upon Auth Rx (stable- fixes). * wifi: mac80211: validateSCAN_FLAG_AP in scan request during MLO (stable- fixes). * wifi: mac80211_hwsim: Fix MLD address translation (stable-fixes). * wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes). * wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes). * wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git- fixes). * wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes). * wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes). * wifi: mt76: mt7925: fix fails to enter low power mode in suspend state (stable-fixes). * wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes). * wifi: mt76: mt7925: introduce thermal protection (stable-fixes). * wifi: mt76: mt7925: load the appropriate CLC data based on hardware type (stable-fixes). * wifi: mt76: mt7925: prevent multiple scan commands (git-fixes). * wifi: mt76: mt7925: refine the sniffer commnad (git-fixes). * wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable- fixes). * wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes). * wifi: mt76: mt7996: revise TXS size (stable-fixes). * wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes). * wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable- fixes). * wifi: mwifiex: Fix HT40 bandwidth issue (stable-fixes). * wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes). * wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git- fixes). * wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes). * wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes). * wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes). * wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes). * wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes). *wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes). * wifi: rtw88: do not ignore hardware read error during DPK (git-fixes). * wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git- fixes). * wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git- fixes). * wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes). * wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes). * wifi: rtw89: 8922a: fix TX fail with wrong VCO setting (stable-fixes). * wifi: rtw89: 8922a: fix incorrect STA-ID in EHT MU PPDU (stable-fixes). * wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes). * wifi: rtw89: call power_on ahead before selecting firmware (stable-fixes). * wifi: rtw89: fw: get sb_sel_ver via get_unaligned_le32() (stable-fixes). * wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes). * wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes). * wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes). * wifi: rtw89: phy: add dummy C2H event handler for report of TAS power (stable-fixes). * wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (stable-fixes). * workqueue: Initialize wq_isolated_cpumask in workqueue_init_early() (bsc#1245101 jsc#PED-11934). * x86/acpi: Fix LAPIC/x2APIC parsing order (git-fixes). * x86/amd_nb, hwmon: (k10temp): Simplify amd_pci_dev_to_node_id() (jsc#PED-13094). * x86/amd_nb: Clean up early_is_amd_nb() (jsc#PED-13094). * x86/amd_nb: Move SMN access code to a new amd_node driver (jsc#PED-13094). * x86/amd_nb: Restrict init function to AMD-based systems (jsc#PED-13094). * x86/amd_nb: Simplify function 4 search (jsc#PED-13094). * x86/amd_nb: Simplify root device search (jsc#PED-13094). * x86/amd_node: Add SMN offsets to exclusive region access (jsc#PED-13094). * x86/amd_node: Add support for debugfs access to SMN registers (jsc#PED-13094). * x86/amd_node: Remove dependency on AMD_NB (jsc#PED-13094). * x86/amd_node: Update __amd_smn_rw() error paths (jsc#PED-13094). * x86/amd_node: Use defines for SMN register offsets (jsc#PED-13094). * x86/fred/signal: Prevent immediate repeat of single step trap on return from SIGTRAP handler (git-fixes). * x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes). * x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes). * x86/mce/amd: Remove shared threshold bank plumbing (jsc#PED-13094). * x86/microcode/AMD: Add get_patch_level() (git-fixes). * x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes). * x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes). * x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes). * x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes). * x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes). * x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes). * x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes). * x86/microcode: Consolidate the loader enablement checking (git-fixes). * x86/mm/init: Handle the special case of device private pages in add_pages(), to not increase max_pfn and trigger dma_addressing_limited() bounce buffers (git-fixes). * x86/platform/amd: Move the header to (jsc#PED-13094). * x86/sev: Add SVSM vTPM probe/send_command functions (bsc#1241191). * x86/sev: Provide guest VMPL level to userspace (bsc#1241191). * x86/sev: Register tpm-svsm platform device (bsc#1241191). * x86/xen: fix balloon target initialization for PVH dom0 (git-fixes). * x86: Start moving AMD node functionality out of AMD_NB (jsc#PED-13094). * xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes) * xen/x86: fixinitial memory balloon target (git-fixes). * xhci: dbc: Avoid event polling busyloop if pending rx transfers are inactive (git-fixes). * xsk: always clear DMA mapping information when unmapping the pool (git- fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Real Time Module 15-SP7 zypper in -t patch SUSE-SLE-Module-RT-15-SP7-2025-2333=1 * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2025-2333=1 ## Package List: * SUSE Real Time Module 15-SP7 (x86_64) * kernel-rt-devel-debuginfo-6.4.0-150700.7.8.1 * dlm-kmp-rt-debuginfo-6.4.0-150700.7.8.1 * kernel-syms-rt-6.4.0-150700.7.8.1 * ocfs2-kmp-rt-6.4.0-150700.7.8.1 * ocfs2-kmp-rt-debuginfo-6.4.0-150700.7.8.1 * kernel-rt-devel-6.4.0-150700.7.8.1 * gfs2-kmp-rt-6.4.0-150700.7.8.1 * gfs2-kmp-rt-debuginfo-6.4.0-150700.7.8.1 * cluster-md-kmp-rt-6.4.0-150700.7.8.1 * kernel-rt-debugsource-6.4.0-150700.7.8.1 * kernel-rt-debuginfo-6.4.0-150700.7.8.1 * cluster-md-kmp-rt-debuginfo-6.4.0-150700.7.8.1 * dlm-kmp-rt-6.4.0-150700.7.8.1 * SUSE Real Time Module 15-SP7 (noarch) * kernel-devel-rt-6.4.0-150700.7.8.1 * kernel-source-rt-6.4.0-150700.7.8.1 * SUSE Real Time Module 15-SP7 (nosrc x86_64) * kernel-rt-6.4.0-150700.7.8.1 * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-6_4_0-150700_7_8-rt-debuginfo-1-150700.1.5.1 * kernel-livepatch-6_4_0-150700_7_8-rt-1-150700.1.5.1 * kernel-livepatch-SLE15-SP7-RT_Update_2-debugsource-1-150700.1.5.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52888.html * https://www.suse.com/security/cve/CVE-2023-53146.html * https://www.suse.com/security/cve/CVE-2024-26762.html *https://www.suse.com/security/cve/CVE-2024-26831.html * https://www.suse.com/security/cve/CVE-2024-41085.html * https://www.suse.com/security/cve/CVE-2024-43869.html * https://www.suse.com/security/cve/CVE-2024-49568.html * https://www.suse.com/security/cve/CVE-2024-50034.html * https://www.suse.com/security/cve/CVE-2024-50106.html * https://www.suse.com/security/cve/CVE-2024-50293.html * https://www.suse.com/security/cve/CVE-2024-56541.html * https://www.suse.com/security/cve/CVE-2024-56613.html * https://www.suse.com/security/cve/CVE-2024-56699.html * https://www.suse.com/security/cve/CVE-2024-57982.html * https://www.suse.com/security/cve/CVE-2024-57987.html * https://www.suse.com/security/cve/CVE-2024-57988.html * https://www.suse.com/security/cve/CVE-2024-57995.html * https://www.suse.com/security/cve/CVE-2024-58004.html * https://www.suse.com/security/cve/CVE-2024-58015.html * https://www.suse.com/security/cve/CVE-2024-58053.html * https://www.suse.com/security/cve/CVE-2024-58062.html * https://www.suse.com/security/cve/CVE-2024-58077.html * https://www.suse.com/security/cve/CVE-2024-58098.html * https://www.suse.com/security/cve/CVE-2024-58099.html * https://www.suse.com/security/cve/CVE-2024-58100.html * https://www.suse.com/security/cve/CVE-2024-58237.html * https://www.suse.com/security/cve/CVE-2025-21629.html * https://www.suse.com/security/cve/CVE-2025-21658.html * https://www.suse.com/security/cve/CVE-2025-21713.html * https://www.suse.com/security/cve/CVE-2025-21720.html * https://www.suse.com/security/cve/CVE-2025-21770.html * https://www.suse.com/security/cve/CVE-2025-21805.html * https://www.suse.com/security/cve/CVE-2025-21824.html * https://www.suse.com/security/cve/CVE-2025-21842.html * https://www.suse.com/security/cve/CVE-2025-21849.html * https://www.suse.com/security/cve/CVE-2025-21868.html * https://www.suse.com/security/cve/CVE-2025-21880.html * https://www.suse.com/security/cve/CVE-2025-21898.html *https://www.suse.com/security/cve/CVE-2025-21899.html * https://www.suse.com/security/cve/CVE-2025-21901.html * https://www.suse.com/security/cve/CVE-2025-21911.html * https://www.suse.com/security/cve/CVE-2025-21920.html * https://www.suse.com/security/cve/CVE-2025-21938.html * https://www.suse.com/security/cve/CVE-2025-21939.html * https://www.suse.com/security/cve/CVE-2025-21940.html * https://www.suse.com/security/cve/CVE-2025-21959.html * https://www.suse.com/security/cve/CVE-2025-21987.html * https://www.suse.com/security/cve/CVE-2025-21997.html * https://www.suse.com/security/cve/CVE-2025-22005.html * https://www.suse.com/security/cve/CVE-2025-22023.html * https://www.suse.com/security/cve/CVE-2025-22035.html * https://www.suse.com/security/cve/CVE-2025-22066.html * https://www.suse.com/security/cve/CVE-2025-22083.html * https://www.suse.com/security/cve/CVE-2025-22089.html * https://www.suse.com/security/cve/CVE-2025-22095.html * https://www.suse.com/security/cve/CVE-2025-22111.html * https://www.suse.com/security/cve/CVE-2025-22113.html * https://www.suse.com/security/cve/CVE-2025-22119.html * https://www.suse.com/security/cve/CVE-2025-22120.html * https://www.suse.com/security/cve/CVE-2025-22124.html * https://www.suse.com/security/cve/CVE-2025-23141.html * https://www.suse.com/security/cve/CVE-2025-23142.html * https://www.suse.com/security/cve/CVE-2025-23144.html * https://www.suse.com/security/cve/CVE-2025-23146.html * https://www.suse.com/security/cve/CVE-2025-23147.html * https://www.suse.com/security/cve/CVE-2025-23148.html * https://www.suse.com/security/cve/CVE-2025-23149.html * https://www.suse.com/security/cve/CVE-2025-23151.html * https://www.suse.com/security/cve/CVE-2025-23155.html * https://www.suse.com/security/cve/CVE-2025-23156.html * https://www.suse.com/security/cve/CVE-2025-23157.html * https://www.suse.com/security/cve/CVE-2025-23158.html * https://www.suse.com/security/cve/CVE-2025-23159.html *https://www.suse.com/security/cve/CVE-2025-23161.html * https://www.suse.com/security/cve/CVE-2025-23162.html * https://www.suse.com/security/cve/CVE-2025-37738.html * https://www.suse.com/security/cve/CVE-2025-37740.html * https://www.suse.com/security/cve/CVE-2025-37741.html * https://www.suse.com/security/cve/CVE-2025-37742.html * https://www.suse.com/security/cve/CVE-2025-37743.html * https://www.suse.com/security/cve/CVE-2025-37747.html * https://www.suse.com/security/cve/CVE-2025-37752.html * https://www.suse.com/security/cve/CVE-2025-37754.html * https://www.suse.com/security/cve/CVE-2025-37756.html * https://www.suse.com/security/cve/CVE-2025-37757.html * https://www.suse.com/security/cve/CVE-2025-37758.html * https://www.suse.com/security/cve/CVE-2025-37761.html * https://www.suse.com/security/cve/CVE-2025-37763.html * https://www.suse.com/security/cve/CVE-2025-37764.html * https://www.suse.com/security/cve/CVE-2025-37765.html * https://www.suse.com/security/cve/CVE-2025-37766.html * https://www.suse.com/security/cve/CVE-2025-37767.html * https://www.suse.com/security/cve/CVE-2025-37768.html * https://www.suse.com/security/cve/CVE-2025-37769.html * https://www.suse.com/security/cve/CVE-2025-37770.html * https://www.suse.com/security/cve/CVE-2025-37771.html * https://www.suse.com/security/cve/CVE-2025-37772.html * https://www.suse.com/security/cve/CVE-2025-37781.html * https://www.suse.com/security/cve/CVE-2025-37782.html * https://www.suse.com/security/cve/CVE-2025-37786.html * https://www.suse.com/security/cve/CVE-2025-37788.html * https://www.suse.com/security/cve/CVE-2025-37791.html * https://www.suse.com/security/cve/CVE-2025-37792.html * https://www.suse.com/security/cve/CVE-2025-37793.html * https://www.suse.com/security/cve/CVE-2025-37794.html * https://www.suse.com/security/cve/CVE-2025-37796.html * https://www.suse.com/security/cve/CVE-2025-37798.html * https://www.suse.com/security/cve/CVE-2025-37800.html *https://www.suse.com/security/cve/CVE-2025-37801.html * https://www.suse.com/security/cve/CVE-2025-37805.html * https://www.suse.com/security/cve/CVE-2025-37810.html * https://www.suse.com/security/cve/CVE-2025-37811.html * https://www.suse.com/security/cve/CVE-2025-37812.html * https://www.suse.com/security/cve/CVE-2025-37813.html * https://www.suse.com/security/cve/CVE-2025-37814.html * https://www.suse.com/security/cve/CVE-2025-37815.html * https://www.suse.com/security/cve/CVE-2025-37816.html * https://www.suse.com/security/cve/CVE-2025-37819.html * https://www.suse.com/security/cve/CVE-2025-37836.html * https://www.suse.com/security/cve/CVE-2025-37837.html * https://www.suse.com/security/cve/CVE-2025-37839.html * https://www.suse.com/security/cve/CVE-2025-37840.html * https://www.suse.com/security/cve/CVE-2025-37841.html * https://www.suse.com/security/cve/CVE-2025-37844.html * https://www.suse.com/security/cve/CVE-2025-37847.html * https://www.suse.com/security/cve/CVE-2025-37848.html * https://www.suse.com/security/cve/CVE-2025-37849.html * https://www.suse.com/security/cve/CVE-2025-37850.html * https://www.suse.com/security/cve/CVE-2025-37851.html * https://www.suse.com/security/cve/CVE-2025-37852.html * https://www.suse.com/security/cve/CVE-2025-37853.html * https://www.suse.com/security/cve/CVE-2025-37854.html * https://www.suse.com/security/cve/CVE-2025-37858.html * https://www.suse.com/security/cve/CVE-2025-37859.html * https://www.suse.com/security/cve/CVE-2025-37861.html * https://www.suse.com/security/cve/CVE-2025-37862.html * https://www.suse.com/security/cve/CVE-2025-37865.html * https://www.suse.com/security/cve/CVE-2025-37867.html * https://www.suse.com/security/cve/CVE-2025-37868.html * https://www.suse.com/security/cve/CVE-2025-37869.html * https://www.suse.com/security/cve/CVE-2025-37871.html * https://www.suse.com/security/cve/CVE-2025-37873.html * https://www.suse.com/security/cve/CVE-2025-37874.html *https://www.suse.com/security/cve/CVE-2025-37875.html * https://www.suse.com/security/cve/CVE-2025-37881.html * https://www.suse.com/security/cve/CVE-2025-37884.html * https://www.suse.com/security/cve/CVE-2025-37888.html * https://www.suse.com/security/cve/CVE-2025-37889.html * https://www.suse.com/security/cve/CVE-2025-37890.html * https://www.suse.com/security/cve/CVE-2025-37891.html * https://www.suse.com/security/cve/CVE-2025-37892.html * https://www.suse.com/security/cve/CVE-2025-37897.html * https://www.suse.com/security/cve/CVE-2025-37900.html * https://www.suse.com/security/cve/CVE-2025-37901.html * https://www.suse.com/security/cve/CVE-2025-37903.html * https://www.suse.com/security/cve/CVE-2025-37905.html * https://www.suse.com/security/cve/CVE-2025-37909.html * https://www.suse.com/security/cve/CVE-2025-37911.html * https://www.suse.com/security/cve/CVE-2025-37912.html * https://www.suse.com/security/cve/CVE-2025-37913.html * https://www.suse.com/security/cve/CVE-2025-37914.html * https://www.suse.com/security/cve/CVE-2025-37915.html * https://www.suse.com/security/cve/CVE-2025-37917.html * https://www.suse.com/security/cve/CVE-2025-37918.html * https://www.suse.com/security/cve/CVE-2025-37921.html * https://www.suse.com/security/cve/CVE-2025-37923.html * https://www.suse.com/security/cve/CVE-2025-37925.html * https://www.suse.com/security/cve/CVE-2025-37927.html * https://www.suse.com/security/cve/CVE-2025-37928.html * https://www.suse.com/security/cve/CVE-2025-37929.html * https://www.suse.com/security/cve/CVE-2025-37930.html * https://www.suse.com/security/cve/CVE-2025-37931.html * https://www.suse.com/security/cve/CVE-2025-37932.html * https://www.suse.com/security/cve/CVE-2025-37933.html * https://www.suse.com/security/cve/CVE-2025-37934.html * https://www.suse.com/security/cve/CVE-2025-37936.html * https://www.suse.com/security/cve/CVE-2025-37937.html * https://www.suse.com/security/cve/CVE-2025-37938.html *https://www.suse.com/security/cve/CVE-2025-37943.html * https://www.suse.com/security/cve/CVE-2025-37944.html * https://www.suse.com/security/cve/CVE-2025-37945.html * https://www.suse.com/security/cve/CVE-2025-37946.html * https://www.suse.com/security/cve/CVE-2025-37948.html * https://www.suse.com/security/cve/CVE-2025-37951.html * https://www.suse.com/security/cve/CVE-2025-37953.html * https://www.suse.com/security/cve/CVE-2025-37954.html * https://www.suse.com/security/cve/CVE-2025-37959.html * https://www.suse.com/security/cve/CVE-2025-37961.html * https://www.suse.com/security/cve/CVE-2025-37963.html * https://www.suse.com/security/cve/CVE-2025-37965.html * https://www.suse.com/security/cve/CVE-2025-37967.html * https://www.suse.com/security/cve/CVE-2025-37968.html * https://www.suse.com/security/cve/CVE-2025-37969.html * https://www.suse.com/security/cve/CVE-2025-37970.html * https://www.suse.com/security/cve/CVE-2025-37972.html * https://www.suse.com/security/cve/CVE-2025-37973.html * https://www.suse.com/security/cve/CVE-2025-37978.html * https://www.suse.com/security/cve/CVE-2025-37979.html * https://www.suse.com/security/cve/CVE-2025-37980.html * https://www.suse.com/security/cve/CVE-2025-37981.html * https://www.suse.com/security/cve/CVE-2025-37982.html * https://www.suse.com/security/cve/CVE-2025-37983.html * https://www.suse.com/security/cve/CVE-2025-37985.html * https://www.suse.com/security/cve/CVE-2025-37986.html * https://www.suse.com/security/cve/CVE-2025-37987.html * https://www.suse.com/security/cve/CVE-2025-37989.html * https://www.suse.com/security/cve/CVE-2025-37990.html * https://www.suse.com/security/cve/CVE-2025-37992.html * https://www.suse.com/security/cve/CVE-2025-37994.html * https://www.suse.com/security/cve/CVE-2025-37995.html * https://www.suse.com/security/cve/CVE-2025-37997.html * https://www.suse.com/security/cve/CVE-2025-37998.html * https://www.suse.com/security/cve/CVE-2025-38000.html *https://www.suse.com/security/cve/CVE-2025-38001.html * https://www.suse.com/security/cve/CVE-2025-38003.html * https://www.suse.com/security/cve/CVE-2025-38004.html * https://www.suse.com/security/cve/CVE-2025-38005.html * https://www.suse.com/security/cve/CVE-2025-38007.html * https://www.suse.com/security/cve/CVE-2025-38009.html * https://www.suse.com/security/cve/CVE-2025-38010.html * https://www.suse.com/security/cve/CVE-2025-38011.html * https://www.suse.com/security/cve/CVE-2025-38013.html * https://www.suse.com/security/cve/CVE-2025-38014.html * https://www.suse.com/security/cve/CVE-2025-38015.html * https://www.suse.com/security/cve/CVE-2025-38018.html * https://www.suse.com/security/cve/CVE-2025-38020.html * https://www.suse.com/security/cve/CVE-2025-38022.html * https://www.suse.com/security/cve/CVE-2025-38023.html * https://www.suse.com/security/cve/CVE-2025-38024.html * https://www.suse.com/security/cve/CVE-2025-38027.html * https://www.suse.com/security/cve/CVE-2025-38031.html * https://www.suse.com/security/cve/CVE-2025-38040.html * https://www.suse.com/security/cve/CVE-2025-38043.html * https://www.suse.com/security/cve/CVE-2025-38044.html * https://www.suse.com/security/cve/CVE-2025-38045.html * https://www.suse.com/security/cve/CVE-2025-38053.html * https://www.suse.com/security/cve/CVE-2025-38055.html * https://www.suse.com/security/cve/CVE-2025-38057.html * https://www.suse.com/security/cve/CVE-2025-38059.html * https://www.suse.com/security/cve/CVE-2025-38060.html * https://www.suse.com/security/cve/CVE-2025-38065.html * https://www.suse.com/security/cve/CVE-2025-38068.html * https://www.suse.com/security/cve/CVE-2025-38072.html * https://www.suse.com/security/cve/CVE-2025-38077.html * https://www.suse.com/security/cve/CVE-2025-38078.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38080.html * https://www.suse.com/security/cve/CVE-2025-38081.html *https://www.suse.com/security/cve/CVE-2025-38083.html * https://www.suse.com/security/cve/CVE-2025-38104.html * https://www.suse.com/security/cve/CVE-2025-38240.html * https://www.suse.com/security/cve/CVE-2025-39735.html * https://www.suse.com/security/cve/CVE-2025-40014.html * https://bugzilla.suse.com/show_bug.cgi?id=1012628 * https://bugzilla.suse.com/show_bug.cgi?id=1210025 * https://bugzilla.suse.com/show_bug.cgi?id=1211226 * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1218184 * https://bugzilla.suse.com/show_bug.cgi?id=1220112 * https://bugzilla.suse.com/show_bug.cgi?id=1223008 * https://bugzilla.suse.com/show_bug.cgi?id=1226498 * https://bugzilla.suse.com/show_bug.cgi?id=1228478 * https://bugzilla.suse.com/show_bug.cgi?id=1228557 * https://bugzilla.suse.com/show_bug.cgi?id=1228854 * https://bugzilla.suse.com/show_bug.cgi?id=1229491 * https://bugzilla.suse.com/show_bug.cgi?id=1230337 * https://bugzilla.suse.com/show_bug.cgi?id=1231913 * https://bugzilla.suse.com/show_bug.cgi?id=1232504 * https://bugzilla.suse.com/show_bug.cgi?id=1232882 * https://bugzilla.suse.com/show_bug.cgi?id=1233482 * https://bugzilla.suse.com/show_bug.cgi?id=1235064 * https://bugzilla.suse.com/show_bug.cgi?id=1235490 * https://bugzilla.suse.com/show_bug.cgi?id=1235728 * https://bugzilla.suse.com/show_bug.cgi?id=1235968 * https://bugzilla.suse.com/show_bug.cgi?id=1236208 * https://bugzilla.suse.com/show_bug.cgi?id=1237200 * https://bugzilla.suse.com/show_bug.cgi?id=1237312 * https://bugzilla.suse.com/show_bug.cgi?id=1237887 * https://bugzilla.suse.com/show_bug.cgi?id=1237895 * https://bugzilla.suse.com/show_bug.cgi?id=1237905 * https://bugzilla.suse.com/show_bug.cgi?id=1237910 * https://bugzilla.suse.com/show_bug.cgi?id=1237913 * https://bugzilla.suse.com/show_bug.cgi?id=1238212 * https://bugzilla.suse.com/show_bug.cgi?id=1238478 * https://bugzilla.suse.com/show_bug.cgi?id=1238495 *https://bugzilla.suse.com/show_bug.cgi?id=1238508 * https://bugzilla.suse.com/show_bug.cgi?id=1238741 * https://bugzilla.suse.com/show_bug.cgi?id=1238859 * https://bugzilla.suse.com/show_bug.cgi?id=1238965 * https://bugzilla.suse.com/show_bug.cgi?id=1238982 * https://bugzilla.suse.com/show_bug.cgi?id=1238995 * https://bugzilla.suse.com/show_bug.cgi?id=1239063 * https://bugzilla.suse.com/show_bug.cgi?id=1239090 * https://bugzilla.suse.com/show_bug.cgi?id=1239485 * https://bugzilla.suse.com/show_bug.cgi?id=1239925 * https://bugzilla.suse.com/show_bug.cgi?id=1240170 * https://bugzilla.suse.com/show_bug.cgi?id=1240180 * https://bugzilla.suse.com/show_bug.cgi?id=1240577 * https://bugzilla.suse.com/show_bug.cgi?id=1240579 * https://bugzilla.suse.com/show_bug.cgi?id=1240589 * https://bugzilla.suse.com/show_bug.cgi?id=1240610 * https://bugzilla.suse.com/show_bug.cgi?id=1240650 * https://bugzilla.suse.com/show_bug.cgi?id=1240686 * https://bugzilla.suse.com/show_bug.cgi?id=1240696 * https://bugzilla.suse.com/show_bug.cgi?id=1240702 * https://bugzilla.suse.com/show_bug.cgi?id=1240710 * https://bugzilla.suse.com/show_bug.cgi?id=1240723 * https://bugzilla.suse.com/show_bug.cgi?id=1240798 * https://bugzilla.suse.com/show_bug.cgi?id=1240814 * https://bugzilla.suse.com/show_bug.cgi?id=1240823 * https://bugzilla.suse.com/show_bug.cgi?id=1240866 * https://bugzilla.suse.com/show_bug.cgi?id=1240998 * https://bugzilla.suse.com/show_bug.cgi?id=1241166 * https://bugzilla.suse.com/show_bug.cgi?id=1241191 * https://bugzilla.suse.com/show_bug.cgi?id=1241278 * https://bugzilla.suse.com/show_bug.cgi?id=1241298 * https://bugzilla.suse.com/show_bug.cgi?id=1241340 * https://bugzilla.suse.com/show_bug.cgi?id=1241388 * https://bugzilla.suse.com/show_bug.cgi?id=1241414 * https://bugzilla.suse.com/show_bug.cgi?id=1241457 * https://bugzilla.suse.com/show_bug.cgi?id=1241492 * https://bugzilla.suse.com/show_bug.cgi?id=1241519 *https://bugzilla.suse.com/show_bug.cgi?id=1241538 * https://bugzilla.suse.com/show_bug.cgi?id=1241544 * https://bugzilla.suse.com/show_bug.cgi?id=1241572 * https://bugzilla.suse.com/show_bug.cgi?id=1241576 * https://bugzilla.suse.com/show_bug.cgi?id=1241590 * https://bugzilla.suse.com/show_bug.cgi?id=1241592 * https://bugzilla.suse.com/show_bug.cgi?id=1241595 * https://bugzilla.suse.com/show_bug.cgi?id=1241617 * https://bugzilla.suse.com/show_bug.cgi?id=1241625 * https://bugzilla.suse.com/show_bug.cgi?id=1241635 * https://bugzilla.suse.com/show_bug.cgi?id=1241644 * https://bugzilla.suse.com/show_bug.cgi?id=1241654 * https://bugzilla.suse.com/show_bug.cgi?id=1241689 * https://bugzilla.suse.com/show_bug.cgi?id=1242035 * https://bugzilla.suse.com/show_bug.cgi?id=1242044 * https://bugzilla.suse.com/show_bug.cgi?id=1242086 * https://bugzilla.suse.com/show_bug.cgi?id=1242163 * https://bugzilla.suse.com/show_bug.cgi?id=1242343 * https://bugzilla.suse.com/show_bug.cgi?id=1242414 * https://bugzilla.suse.com/show_bug.cgi?id=1242501 * https://bugzilla.suse.com/show_bug.cgi?id=1242504 * https://bugzilla.suse.com/show_bug.cgi?id=1242508 * https://bugzilla.suse.com/show_bug.cgi?id=1242512 * https://bugzilla.suse.com/show_bug.cgi?id=1242514 * https://bugzilla.suse.com/show_bug.cgi?id=1242515 * https://bugzilla.suse.com/show_bug.cgi?id=1242520 * https://bugzilla.suse.com/show_bug.cgi?id=1242521 * https://bugzilla.suse.com/show_bug.cgi?id=1242524 * https://bugzilla.suse.com/show_bug.cgi?id=1242529 * https://bugzilla.suse.com/show_bug.cgi?id=1242530 * https://bugzilla.suse.com/show_bug.cgi?id=1242531 * https://bugzilla.suse.com/show_bug.cgi?id=1242532 * https://bugzilla.suse.com/show_bug.cgi?id=1242556 * https://bugzilla.suse.com/show_bug.cgi?id=1242559 * https://bugzilla.suse.com/show_bug.cgi?id=1242563 * https://bugzilla.suse.com/show_bug.cgi?id=1242564 * https://bugzilla.suse.com/show_bug.cgi?id=1242565 *https://bugzilla.suse.com/show_bug.cgi?id=1242566 * https://bugzilla.suse.com/show_bug.cgi?id=1242567 * https://bugzilla.suse.com/show_bug.cgi?id=1242568 * https://bugzilla.suse.com/show_bug.cgi?id=1242569 * https://bugzilla.suse.com/show_bug.cgi?id=1242573 * https://bugzilla.suse.com/show_bug.cgi?id=1242574 * https://bugzilla.suse.com/show_bug.cgi?id=1242575 * https://bugzilla.suse.com/show_bug.cgi?id=1242577 * https://bugzilla.suse.com/show_bug.cgi?id=1242578 * https://bugzilla.suse.com/show_bug.cgi?id=1242584 * https://bugzilla.suse.com/show_bug.cgi?id=1242587 * https://bugzilla.suse.com/show_bug.cgi?id=1242591 * https://bugzilla.suse.com/show_bug.cgi?id=1242709 * https://bugzilla.suse.com/show_bug.cgi?id=1242724 * https://bugzilla.suse.com/show_bug.cgi?id=1242725 * https://bugzilla.suse.com/show_bug.cgi?id=1242727 * https://bugzilla.suse.com/show_bug.cgi?id=1242729 * https://bugzilla.suse.com/show_bug.cgi?id=1242758 * https://bugzilla.suse.com/show_bug.cgi?id=1242760 * https://bugzilla.suse.com/show_bug.cgi?id=1242761 * https://bugzilla.suse.com/show_bug.cgi?id=1242764 * https://bugzilla.suse.com/show_bug.cgi?id=1242766 * https://bugzilla.suse.com/show_bug.cgi?id=1242770 * https://bugzilla.suse.com/show_bug.cgi?id=1242781 * https://bugzilla.suse.com/show_bug.cgi?id=1242782 * https://bugzilla.suse.com/show_bug.cgi?id=1242785 * https://bugzilla.suse.com/show_bug.cgi?id=1242792 * https://bugzilla.suse.com/show_bug.cgi?id=1242834 * https://bugzilla.suse.com/show_bug.cgi?id=1242846 * https://bugzilla.suse.com/show_bug.cgi?id=1242849 * https://bugzilla.suse.com/show_bug.cgi?id=1242850 * https://bugzilla.suse.com/show_bug.cgi?id=1242863 * https://bugzilla.suse.com/show_bug.cgi?id=1242865 * https://bugzilla.suse.com/show_bug.cgi?id=1242871 * https://bugzilla.suse.com/show_bug.cgi?id=1242873 * https://bugzilla.suse.com/show_bug.cgi?id=1242906 * https://bugzilla.suse.com/show_bug.cgi?id=1242907 *https://bugzilla.suse.com/show_bug.cgi?id=1242908 * https://bugzilla.suse.com/show_bug.cgi?id=1242909 * https://bugzilla.suse.com/show_bug.cgi?id=1242930 * https://bugzilla.suse.com/show_bug.cgi?id=1242940 * https://bugzilla.suse.com/show_bug.cgi?id=1242943 * https://bugzilla.suse.com/show_bug.cgi?id=1242945 * https://bugzilla.suse.com/show_bug.cgi?id=1242946 * https://bugzilla.suse.com/show_bug.cgi?id=1242947 * https://bugzilla.suse.com/show_bug.cgi?id=1242948 * https://bugzilla.suse.com/show_bug.cgi?id=1242949 * https://bugzilla.suse.com/show_bug.cgi?id=1242952 * https://bugzilla.suse.com/show_bug.cgi?id=1242953 * https://bugzilla.suse.com/show_bug.cgi?id=1242954 * https://bugzilla.suse.com/show_bug.cgi?id=1242955 * https://bugzilla.suse.com/show_bug.cgi?id=1242957 * https://bugzilla.suse.com/show_bug.cgi?id=1242959 * https://bugzilla.suse.com/show_bug.cgi?id=1242961 * https://bugzilla.suse.com/show_bug.cgi?id=1242964 * https://bugzilla.suse.com/show_bug.cgi?id=1242966 * https://bugzilla.suse.com/show_bug.cgi?id=1242967 * https://bugzilla.suse.com/show_bug.cgi?id=1242973 * https://bugzilla.suse.com/show_bug.cgi?id=1242974 * https://bugzilla.suse.com/show_bug.cgi?id=1242977 * https://bugzilla.suse.com/show_bug.cgi?id=1242982 * https://bugzilla.suse.com/show_bug.cgi?id=1242990 * https://bugzilla.suse.com/show_bug.cgi?id=1243000 * https://bugzilla.suse.com/show_bug.cgi?id=1243006 * https://bugzilla.suse.com/show_bug.cgi?id=1243011 * https://bugzilla.suse.com/show_bug.cgi?id=1243015 * https://bugzilla.suse.com/show_bug.cgi?id=1243049 * https://bugzilla.suse.com/show_bug.cgi?id=1243051 * https://bugzilla.suse.com/show_bug.cgi?id=1243055 * https://bugzilla.suse.com/show_bug.cgi?id=1243060 * https://bugzilla.suse.com/show_bug.cgi?id=1243074 * https://bugzilla.suse.com/show_bug.cgi?id=1243076 * https://bugzilla.suse.com/show_bug.cgi?id=1243082 * https://bugzilla.suse.com/show_bug.cgi?id=1243330 *https://bugzilla.suse.com/show_bug.cgi?id=1243342 * https://bugzilla.suse.com/show_bug.cgi?id=1243456 * https://bugzilla.suse.com/show_bug.cgi?id=1243467 * https://bugzilla.suse.com/show_bug.cgi?id=1243469 * https://bugzilla.suse.com/show_bug.cgi?id=1243470 * https://bugzilla.suse.com/show_bug.cgi?id=1243471 * https://bugzilla.suse.com/show_bug.cgi?id=1243472 * https://bugzilla.suse.com/show_bug.cgi?id=1243473 * https://bugzilla.suse.com/show_bug.cgi?id=1243475 * https://bugzilla.suse.com/show_bug.cgi?id=1243476 * https://bugzilla.suse.com/show_bug.cgi?id=1243480 * https://bugzilla.suse.com/show_bug.cgi?id=1243506 * https://bugzilla.suse.com/show_bug.cgi?id=1243509 * https://bugzilla.suse.com/show_bug.cgi?id=1243511 * https://bugzilla.suse.com/show_bug.cgi?id=1243514 * https://bugzilla.suse.com/show_bug.cgi?id=1243515 * https://bugzilla.suse.com/show_bug.cgi?id=1243516 * https://bugzilla.suse.com/show_bug.cgi?id=1243517 * https://bugzilla.suse.com/show_bug.cgi?id=1243522 * https://bugzilla.suse.com/show_bug.cgi?id=1243523 * https://bugzilla.suse.com/show_bug.cgi?id=1243524 * https://bugzilla.suse.com/show_bug.cgi?id=1243528 * https://bugzilla.suse.com/show_bug.cgi?id=1243529 * https://bugzilla.suse.com/show_bug.cgi?id=1243530 * https://bugzilla.suse.com/show_bug.cgi?id=1243534 * https://bugzilla.suse.com/show_bug.cgi?id=1243536 * https://bugzilla.suse.com/show_bug.cgi?id=1243537 * https://bugzilla.suse.com/show_bug.cgi?id=1243538 * https://bugzilla.suse.com/show_bug.cgi?id=1243540 * https://bugzilla.suse.com/show_bug.cgi?id=1243542 * https://bugzilla.suse.com/show_bug.cgi?id=1243543 * https://bugzilla.suse.com/show_bug.cgi?id=1243544 * https://bugzilla.suse.com/show_bug.cgi?id=1243545 * https://bugzilla.suse.com/show_bug.cgi?id=1243548 * https://bugzilla.suse.com/show_bug.cgi?id=1243551 * https://bugzilla.suse.com/show_bug.cgi?id=1243559 * https://bugzilla.suse.com/show_bug.cgi?id=1243560 *https://bugzilla.suse.com/show_bug.cgi?id=1243562 * https://bugzilla.suse.com/show_bug.cgi?id=1243567 * https://bugzilla.suse.com/show_bug.cgi?id=1243571 * https://bugzilla.suse.com/show_bug.cgi?id=1243572 * https://bugzilla.suse.com/show_bug.cgi?id=1243573 * https://bugzilla.suse.com/show_bug.cgi?id=1243574 * https://bugzilla.suse.com/show_bug.cgi?id=1243575 * https://bugzilla.suse.com/show_bug.cgi?id=1243589 * https://bugzilla.suse.com/show_bug.cgi?id=1243620 * https://bugzilla.suse.com/show_bug.cgi?id=1243621 * https://bugzilla.suse.com/show_bug.cgi?id=1243624 * https://bugzilla.suse.com/show_bug.cgi?id=1243625 * https://bugzilla.suse.com/show_bug.cgi?id=1243626 * https://bugzilla.suse.com/show_bug.cgi?id=1243627 * https://bugzilla.suse.com/show_bug.cgi?id=1243628 * https://bugzilla.suse.com/show_bug.cgi?id=1243649 * https://bugzilla.suse.com/show_bug.cgi?id=1243659 * https://bugzilla.suse.com/show_bug.cgi?id=1243660 * https://bugzilla.suse.com/show_bug.cgi?id=1243664 * https://bugzilla.suse.com/show_bug.cgi?id=1243698 * https://bugzilla.suse.com/show_bug.cgi?id=1243774 * https://bugzilla.suse.com/show_bug.cgi?id=1243782 * https://bugzilla.suse.com/show_bug.cgi?id=1243823 * https://bugzilla.suse.com/show_bug.cgi?id=1243827 * https://bugzilla.suse.com/show_bug.cgi?id=1243832 * https://bugzilla.suse.com/show_bug.cgi?id=1243836 * https://bugzilla.suse.com/show_bug.cgi?id=1243847 * https://bugzilla.suse.com/show_bug.cgi?id=1244100 * https://bugzilla.suse.com/show_bug.cgi?id=1244145 * https://bugzilla.suse.com/show_bug.cgi?id=1244172 * https://bugzilla.suse.com/show_bug.cgi?id=1244174 * https://bugzilla.suse.com/show_bug.cgi?id=1244176 * https://bugzilla.suse.com/show_bug.cgi?id=1244229 * https://bugzilla.suse.com/show_bug.cgi?id=1244234 * https://bugzilla.suse.com/show_bug.cgi?id=1244241 * https://bugzilla.suse.com/show_bug.cgi?id=1244261 * https://bugzilla.suse.com/show_bug.cgi?id=1244274 *https://bugzilla.suse.com/show_bug.cgi?id=1244275 * https://bugzilla.suse.com/show_bug.cgi?id=1244277 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1244313 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1244626 * https://bugzilla.suse.com/show_bug.cgi?id=1244725 * https://bugzilla.suse.com/show_bug.cgi?id=1244727 * https://bugzilla.suse.com/show_bug.cgi?id=1244729 * https://bugzilla.suse.com/show_bug.cgi?id=1244731 * https://bugzilla.suse.com/show_bug.cgi?id=1244732 * https://bugzilla.suse.com/show_bug.cgi?id=1244736 * https://bugzilla.suse.com/show_bug.cgi?id=1244737 * https://bugzilla.suse.com/show_bug.cgi?id=1244738 * https://bugzilla.suse.com/show_bug.cgi?id=1244739 * https://bugzilla.suse.com/show_bug.cgi?id=1244743 * https://bugzilla.suse.com/show_bug.cgi?id=1244746 * https://bugzilla.suse.com/show_bug.cgi?id=1244747 * https://bugzilla.suse.com/show_bug.cgi?id=1244759 * https://bugzilla.suse.com/show_bug.cgi?id=1244789 * https://bugzilla.suse.com/show_bug.cgi?id=1244862 * https://bugzilla.suse.com/show_bug.cgi?id=1244906 * https://bugzilla.suse.com/show_bug.cgi?id=1244938 * https://bugzilla.suse.com/show_bug.cgi?id=1244995 * https://bugzilla.suse.com/show_bug.cgi?id=1244996 * https://bugzilla.suse.com/show_bug.cgi?id=1244999 * https://bugzilla.suse.com/show_bug.cgi?id=1245001 * https://bugzilla.suse.com/show_bug.cgi?id=1245003 * https://bugzilla.suse.com/show_bug.cgi?id=1245004 * https://bugzilla.suse.com/show_bug.cgi?id=1245025 * https://bugzilla.suse.com/show_bug.cgi?id=1245042 * https://bugzilla.suse.com/show_bug.cgi?id=1245046 * https://bugzilla.suse.com/show_bug.cgi?id=1245078 * https://bugzilla.suse.com/show_bug.cgi?id=1245081 * https://bugzilla.suse.com/show_bug.cgi?id=1245082 * https://bugzilla.suse.com/show_bug.cgi?id=1245083 * https://bugzilla.suse.com/show_bug.cgi?id=1245101 *https://bugzilla.suse.com/show_bug.cgi?id=1245155 * https://bugzilla.suse.com/show_bug.cgi?id=1245183 * https://bugzilla.suse.com/show_bug.cgi?id=1245193 * https://bugzilla.suse.com/show_bug.cgi?id=1245210 * https://bugzilla.suse.com/show_bug.cgi?id=1245217 * https://bugzilla.suse.com/show_bug.cgi?id=1245225 * https://bugzilla.suse.com/show_bug.cgi?id=1245226 * https://bugzilla.suse.com/show_bug.cgi?id=1245228 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245455 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-12551&page_caps=&user_role= * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-13019&page_caps=&user_role= * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-13094&page_caps=&user_role= . Fedora's latest system software upgrade rectifies several vulnerabilities. Update now to safeguard your devices promptly.. SUSE Linux Kernel Update, Security Advisories, Kernel Security Fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 16, 2025 Important SuSE
217

Oracle Linux 8: ELSA-2025-20365 Important: Kernel Security Fixes

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-20365 http://linux.oracle.com/errata/ELSA-2025-20365.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-5.15.0-309.180.4.el8uek.x86_64.rpm kernel-uek-5.15.0-309.180.4.el8uek.x86_64.rpm kernel-uek-core-5.15.0-309.180.4.el8uek.x86_64.rpm kernel-uek-debug-5.15.0-309.180.4.el8uek.x86_64.rpm kernel-uek-debug-core-5.15.0-309.180.4.el8uek.x86_64.rpm kernel-uek-debug-devel-5.15.0-309.180.4.el8uek.x86_64.rpm kernel-uek-debug-modules-5.15.0-309.180.4.el8uek.x86_64.rpm kernel-uek-debug-modules-extra-5.15.0-309.180.4.el8uek.x86_64.rpm kernel-uek-devel-5.15.0-309.180.4.el8uek.x86_64.rpm kernel-uek-doc-5.15.0-309.180.4.el8uek.noarch.rpm kernel-uek-modules-5.15.0-309.180.4.el8uek.x86_64.rpm kernel-uek-modules-extra-5.15.0-309.180.4.el8uek.x86_64.rpm kernel-uek-container-5.15.0-309.180.4.el8uek.x86_64.rpm kernel-uek-container-debug-5.15.0-309.180.4.el8uek.x86_64.rpm aarch64: bpftool-5.15.0-309.180.4.el8uek.aarch64.rpm kernel-uek-5.15.0-309.180.4.el8uek.aarch64.rpm kernel-uek-core-5.15.0-309.180.4.el8uek.aarch64.rpm kernel-uek-debug-5.15.0-309.180.4.el8uek.aarch64.rpm kernel-uek-debug-core-5.15.0-309.180.4.el8uek.aarch64.rpm kernel-uek-debug-devel-5.15.0-309.180.4.el8uek.aarch64.rpm kernel-uek-debug-modules-5.15.0-309.180.4.el8uek.aarch64.rpm kernel-uek-debug-modules-extra-5.15.0-309.180.4.el8uek.aarch64.rpm kernel-uek-devel-5.15.0-309.180.4.el8uek.aarch64.rpm kernel-uek-doc-5.15.0-309.180.4.el8uek.noarch.rpm kernel-uek-modules-5.15.0-309.180.4.el8uek.aarch64.rpm kernel-uek-modules-extra-5.15.0-309.180.4.el8uek.aarch64.rpm kernel-uek-container-5.15.0-309.180.4.el8uek.aarch64.rpm kernel-uek-container-debug-5.15.0-309.180.4.el8uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.15.0-309.180.4.el8uek.src.rpm Related CVEs: CVE-2024-28956 CVE-2024-8805 Description ofchanges: [5.15.0-309.180.4.el8uek] - nvme: unblock ctrl state transition for firmware update (Daniel Wagner) - nfsd: decrease sc_count directly if fail to queue dl_recall (Li Lingfeng) - cpufreq/sched: Fix the usage of CPUFREQ_NEED_UPDATE_LIMITS (Rafael J. Wysocki) - ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (Xuanqiang Luo) - usb: chipidea: ci_hdrc_imx: fix usbmisc handling (Fedor Pchelkin) - Revert "PCI: Avoid reset when disabled via sysfs" (Alex Williamson) - uek-rpm: CONFIG_PTP_1588_CLOCK_OCP enable for OCI (Vijayendra Suman) [Orabug: 37777354] - ptp: ocp: let ptp core report driver name instead of the drivers (Vijayendra Suman) [Orabug: 37777354] - ptp: ocp: Add .getmaxphase ptp_clock_info callback (Rahul Rameshbabu) [Orabug: 37777354] - ptp: ocp: remove flash image header check fallback (Vadim Fedorenko) [Orabug: 37777354] - ptp: ocp: expose config and temperature for ART card (Vadim Fedorenko) [Orabug: 37777354] - ptp: ocp: add serial port of mRO50 MAC on ART card (Vadim Fedorenko) [Orabug: 37777354] - ptp: ocp: add Orolia timecard support (Vadim Fedorenko) [Orabug: 37777354] - ptp: ocp: upgrade serial line information (Vadim Fedorenko) [Orabug: 37777354] - ] ptp: ocp: remove symlink for second GNSS (Vadim Fedorenko) [Orabug: 37777354] - ptp_ocp: use device_find_any_child() instead of custom approach (Andy Shevchenko) [Orabug: 37777354] - ptp_ocp: replace kzalloc(x*y) by kcalloc(y, x) (Andy Shevchenko) [Orabug: 37777354] - ptp_ocp: do not call pci_set_drvdata(pdev, NULL) (Andy Shevchenko) [Orabug: 37777354] - ptp_ocp: drop duplicate NULL check in ptp_ocp_detach() (Andy Shevchenko) [Orabug: 37777354] - ptp_ocp: use bits.h macros for all masks (Andy Shevchenko) [Orabug: 37777354] - ptp: ocp: Add firmware header checks (Vadim Fedorenko) [Orabug: 37777354] - ptp: ocp: fix PPS source selector debugfs reporting (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: add .init function for sma_op vector (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: vectorize the sma accessorfunctions (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: constify selectors (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: parameterize input/output sma selectors (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: revise firmware display (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: add Celestica timecard PCI ids (Vadim Fedorenko) [Orabug: 37777354] - ptp: ocp: Remove #ifdefs around PCI IDs (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: 32-bit fixups for pci start address (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: change sysfs attr group handling (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: have adjtime handle negative delta_ns correctly (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Use DIV64_U64_ROUND_UP for rounding. (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: handle error from nvmem_device_find (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: use snprintf() in ptp_ocp_verify() (Dan Carpenter) [Orabug: 37777354] - ptp: ocp: Make debugfs variables the correct bitwidth (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Fix PTP_PF_* verification requests (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Add 2 more timestampers (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Add 4 frequency counters (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Program the signal generators via PTP_CLK_REQ_PEROUT (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Add signal generators and update sysfs nodes (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Add firmware capability bits for feature gating (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Add GND and VCC output selectors (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Rename output selector 'GNSS' to 'GNSS1' (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Add ability to disable input selectors. (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Add support for selectable SMA directions. (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: add UPF_NO_THRE_TEST flag for serial ports (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Update devlinkfirmware display path. (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: add nvmem interface for accessing eeprom (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: correct label for error path (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: off by in in ptp_ocp_tod_gnss_name() (Dan Carpenter) [Orabug: 37777354] - ptp: ocp: Add serial port information to the debug summary (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: adjust utc_tai_offset to TOD info (Vadim Fedorenko) [Orabug: 37777354] - ptp: ocp: add tod_correction attribute (Vadim Fedorenko) [Orabug: 37777354] - ptp: ocp: Expose clock status drift and offset (Vadim Fedorenko) [Orabug: 37777354] - ptp: ocp: add TOD debug information (Vadim Fedorenko) [Orabug: 37777354] - ptp: ocp: Add ptp_ocp_adjtime_coarse for large adjustments (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Move devlink registration to be last devlink command (Leon Romanovsky) [Orabug: 37777354] - ptp: ocp: Avoid operator precedence warning in ptp_ocp_summary_show() (Nathan Chancellor) [Orabug: 37777354] - ptp: ocp: Add timestamp window adjustment (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Have FPGA fold in ns adjustment for adjtime. (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Enable 4th timestamper / PPS generator (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Add second GNSS device (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Add NMEA output (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Add debugfs entry for timecard (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Separate the init and info logic (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Add sysfs attribute utc_tai_offset (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Add IRIG-B output mode control (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Add IRIG-B and DCF blocks (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Add SMA selector and controls (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Add third timestamper (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Report error if resourceregistration fails. (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Skip resources with out of range irqs (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Skip I2C flash read when there is no controller. (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: Parameterize the TOD information display. (Jonathan Lemon) [Orabug: 37777354] - ptp: ocp: parameterize the i2c driver used (Jonathan Lemon) [Orabug: 37777354] - vhost-scsi: log event queue write descriptors (Dongli Zhang) [Orabug: 37884058] - vhost-scsi: log control queue write descriptors (Dongli Zhang) [Orabug: 37884058] - vhost-scsi: log I/O queue write descriptors (Dongli Zhang) [Orabug: 37884058] - vhost-scsi: adjust vhost_scsi_get_desc() to log vring descriptors (Dongli Zhang) [Orabug: 37884058] - vhost: modify vhost_log_write() for broader users (Dongli Zhang) [Orabug: 37884058] - mm: make page_mapped_in_vma() hugetlb walk aware (Jane Chu) [Orabug: 37956589] - mm/rmap: Fix handling of hugetlbfs pages in page_vma_mapped_walk (zhenwei pi) [Orabug: 37956589] - ext4: update the backup superblock's at the end of the online resize (Theodore Ts'o) [Orabug: 37356729] - gve: ignore nonrelevant GSO type bits when processing TSO headers (Joshua Washington) [Orabug: 37356729] - gve: update gve.rst (Rushil Gupta) [Orabug: 37356729] - gve: RX path for DQO-QPL (Rushil Gupta) [Orabug: 37356729] - gve: Tx path for DQO-QPL (Rushil Gupta) [Orabug: 37356729] - gve: Control path for DQO-QPL (Rushil Gupta) [Orabug: 37356729] - gve: Fix gve interrupt names (Praveen Kaligineedi) [Orabug: 37356729] - gve: Handle alternate miss completions (Jeroen de Borst) [Orabug: 37356729] - gve: Adding a new AdminQ command to verify driver (Jeroen de Borst) [Orabug: 37356729] - gve: Fix error return code in gve_prefill_rx_pages() (Yang Yingliang) [Orabug: 37356729] - gve: Reduce alloc and copy costs in the GQ rx path (Shailend Chand) [Orabug: 37356729] - google/gve:fix repeated words in comments (Jilin Yuan) [Orabug: 37356729] - gve: Fix spelling mistake "droping" -> "dropping" (Colin Ian King) [Orabug: 37356729] - gve: enhance no queue page list detection (Haiyue Wang) [Orabug: 37356729] - gve: Recording rx queue before sending to napi (Tao Liu) [Orabug: 37356729] - ext4: add ioctls to get/set the ext4 superblock uuid (Jeremy Bongio) [Orabug: 37356729] - ext4: implement support for get/set fs label (Lukas Czerner) [Orabug: 37356729] - gve: Add tx|rx-coalesce-usec for DQO (Tao Liu) [Orabug: 37356729] - gve: Add consumed counts to ethtool stats (Jordan Kim) [Orabug: 37356729] - gve: Implement suspend/resume/shutdown (Catherine Sullivan) [Orabug: 37356729] - gve: Add optional metadata descriptor type GVE_TXD_MTD (Willem de Bruijn) [Orabug: 37356729] - gve: remove memory barrier around seqno (Catherine Sullivan) [Orabug: 37356729] - gve: Update gve_free_queue_page_list signature (Catherine Sullivan) [Orabug: 37356729] - gve: Move the irq db indexes out of the ntfy block struct (Catherine Sullivan) [Orabug: 37356729] - gve: Correct order of processing device options (Jeroen de Borst) [Orabug: 37356729] - gve: fix for null pointer dereference. (Ameer Hamza) [Orabug: 37356729] - gve: fix unmatched u64_stats_update_end() (Dan Carpenter) [Orabug: 37356729] - gve: Add a jumbo-frame device option. (Shailend Chand) [Orabug: 37356729] - gve: Implement packet continuation for RX. (David Awogbemila) [Orabug: 37356729] - gve: Allow pageflips on larger pages (Jordan Kim) [Orabug: 37356729] - gve: Add netif_set_xps_queue call (Catherine Sullivan) [Orabug: 37356729] - gve: Do lazy cleanup in TX path (Tao Liu) [Orabug: 37356729] - gve: Add rx buffer pagecnt bias (Catherine Sullivan) [Orabug: 37356729] - gve: Switch to use napi_complete_done (Yangchun Fu) [Orabug: 37356729] - gve: Use kvcalloc() instead of kvzalloc() (Gustavo A. R. Silva) [Orabug: 37356729] - selftests/net: optmem_max became per netns (Eric Dumazet) [Orabug: 37356732] - tcp: derive delack_max with tcp_rto_min helper (Kevin Yang) [Orabug: 37356732] - tcp: derive delack_max from rto_min (Eric Dumazet) [Orabug: 37356732] - tcp: add sysctl_tcp_rto_min_us (Kevin Yang) [Orabug: 37356732] - tcp: constify tcp_rto_min() and tcp_rto_min_us() argument (Eric Dumazet) [Orabug: 37356732] - net: constify sk_dst_get() and __sk_dst_get() argument (Eric Dumazet) [Orabug: 37356732] - net: Namespace-ify sysctl_optmem_max (Eric Dumazet) [Orabug: 37356732] - net: increase optmem_max default value (Eric Dumazet) [Orabug: 37356732] - net: phy: dp83867: Fix SGMII FIFO depth for non OF devices (Michael Sit Wei Hong) [Orabug: 37670821] - net: phy: dp83867: fix get nvmem cell fail (Nikita Shubin) [Orabug: 37670821] - net: phy: dp83867: implement support for io_impedance_ctrl nvmem cell (Rasmus Villemoes) [Orabug: 37670821] - net: phy: constify netdev-> dev_addr references (Jakub Kicinski) [Orabug: 37670821] - net: phy: dp83867: introduce critical chip default init for non-of platform (Lay, Kuan Loon) [Orabug: 37670821] - RDS: use pin_user_pages_fast() (Stephen Brennan) [Orabug: 37872748] - uek-rpm: Reduce the size of the Bluefield 3 kernel (Henry Willard) [Orabug: 37910874] - uek-rpm: Make sure dtb directory exists for emb3. (Henry Willard) [Orabug: 37910874] - uek-rpm: Move the gve kernel module from extra to kernel-uek-core (Samasth Norway Ananda) [Orabug: 37940898] - platform/mellanox: mlxbf-pmc: Support additional PMC blocks (Shravan Kumar Ramani) [Orabug: 37955981] - mlxbf-bootctl: use sysfs_emit_at() in secure_boot_fuse_state_show() (David Thompson) [Orabug: 37955981] - mlxbf-bootctl: Support sysfs entries for RTC battery status (Xiangrong Li) [Orabug: 37955981] - platform/mellanox: mlxbf-bootctl: use sysfs_emit() instead of sprintf() (Ai Chao) [Orabug: 37955981] - drivers/platform/mellanox: Convert snprintf to sysfs_emit (Li Zhijian) [Orabug: 37955981] - certs: Add new Oracle Linux Driver Signing (key 1) certificate (Sherry Yang) [Orabug: 37967553] [5.15.0-309.180.3.el8uek] - net/mlx5: Reclaim max 50K pages at once (Anand Khoje) [Orabug: 36933755] - x86/sev: Fix position dependent variable references instartup code (Ard Biesheuvel) [Orabug: 37356711] - x86/PCI: Export find_cap() to be used in early PCI code (Rayan Dasoriya) [Orabug: 37356711] - x86/quirks: Scan all busses for early PCI quirks (Rayan Dasoriya) [Orabug: 37356711] - x86/quirks: Add parameter to clear MSIs early on boot (Rayan Dasoriya) [Orabug: 37356711] - iommu/amd: Add map/unmap_pages() iommu_domain_ops callback support (Vasant Hegde) [Orabug: 37356711] - iommu/amd/io-pgtable: Implement unmap_pages io_pgtable_ops callback (Vasant Hegde) [Orabug: 37356711] - iommu/amd/io-pgtable: Implement map_pages io_pgtable_ops callback (Vasant Hegde) [Orabug: 37356711] - iommu/amd: Use put_pages_list (Matthew Wilcox (Oracle)) [Orabug: 37356711] - x86/sev: Make enc_dec_hypercall() accept a size instead of npages (Steve Rutherford) [Orabug: 37356711] - iommu/amd: Simplify pagetable freeing (Robin Murphy) [Orabug: 37356711] - x86/kvm: Add kexec support for SEV Live Migration. (Ashish Kalra) [Orabug: 37356711] - nfsd: allow layout state to be admin-revoked. (NeilBrown) [Orabug: 37644985] - nfsd: allow delegation state ids to be revoked and then freed (NeilBrown) [Orabug: 37644985] - nfsd: allow open state ids to be revoked and then freed (NeilBrown) [Orabug: 37644985] - nfsd: allow lock state ids to be revoked and then freed (NeilBrown) [Orabug: 37644985] - nfsd: allow admin-revoked NFSv4.0 state to be freed. (NeilBrown) [Orabug: 37644985] - nfsd: report in /proc/fs/nfsd/clients/*/states when state is admin-revoke (NeilBrown) [Orabug: 37644985] - nfsd: allow state with no file to appear in /proc/fs/nfsd/clients/*/states (NeilBrown) [Orabug: 37644985] - nfsd: prepare for supporting admin-revocation of state (NeilBrown) [Orabug: 37644985] - nfsd: split sc_status out of sc_type (NeilBrown) [Orabug: 37644985] - nfsd: remove stale comment in nfs4_show_deleg() (NeilBrown) [Orabug: 37644985] - nfsd: avoid race after unhash_delegation_locked() (NeilBrown) [Orabug: 37644985] - nfsd: don't call functions with side-effecting inside WARN_ON()(NeilBrown) [Orabug: 37644985] - NFSD: Add nfsd_seq4_status trace event (Chuck Lever) [Orabug: 37644985] - NFSD: Clean up nfsd4_encode_layoutreturn() (Chuck Lever) [Orabug: 37644985] - NFSD: Make @lgp parameter of -> encode_layoutget a const pointer (Chuck Lever) [Orabug: 37644985] - NFSD: Clean up nfsd4_encode_stateid() (Chuck Lever) [Orabug: 37644985] - NFSD: Add simple u32, u64, and bool encoders (Chuck Lever) [Orabug: 37644985] - NFSD: Add encoders for NFSv4 clientids and verifiers (Chuck Lever) [Orabug: 37644985] - nfsd: add some kerneldoc comments for stateid preprocessing functions (Jeff Layton) [Orabug: 37644985] - nfsd: eliminate find_deleg_file_locked (Jeff Layton) [Orabug: 37644985] - nfsd: fix potential race in nfs4_find_file (Jeff Layton) [Orabug: 37644985] - vhost-scsi: Fix vhost_scsi_send_status() (Dongli Zhang) [Orabug: 37840544] - vhost-scsi: Fix vhost_scsi_send_bad_target() (Dongli Zhang) [Orabug: 37840544] - vhost-scsi: protect vq-> log_used with vq-> mutex (Dongli Zhang) [Orabug: 37840544] - vhost-scsi: Reduce response iov mem use (Mike Christie) [Orabug: 37840544] - vhost-scsi: Allocate iov_iter used for unaligned copies when needed (Mike Christie) [Orabug: 37840544] - vhost-scsi: Stop duplicating se_cmd fields (Mike Christie) [Orabug: 37840544] - vhost-scsi: Dynamically allocate scatterlists (Mike Christie) [Orabug: 37840544] - vhost-scsi: Return queue full for page alloc failures during copy (Mike Christie) [Orabug: 37840544] - vhost-scsi: Add better resource allocation failure handling (Mike Christie) [Orabug: 37840544] - vhost-scsi: Allocate T10 PI structs only when enabled (Mike Christie) [Orabug: 37840544] - vhost-scsi: Reduce mem use by moving upages to per queue (Mike Christie) [Orabug: 37840544] - scsi: target: core: Use RCU helpers for INQUIRY t10_alua_tg_pt_gp (Mike Christie) [Orabug: 37840544] - scsi: target: Perform ALUA group changes in one step (Mike Christie) [Orabug: 37840544] - scsi: target: Replace lun_tg_pt_gp_lock with rcu in I/O path (MikeChristie) [Orabug: 37840544] - scsi: target: Fix write perf due to unneeded throttling (Mike Christie) [Orabug: 37840544] - vhost scsi: Allow user to control num virtqueues (Mike Christie) [Orabug: 37840544] - vhost-scsi: Rename vhost_scsi_iov_to_sgl (Mike Christie) [Orabug: 37840544] - vhost-scsi: unbreak any layout for response (Jason Wang) [Orabug: 37840544] - Revert "vhost-scsi: protect vq-> log_base with vq-> mutex" (Mike Christie) [Orabug: 37840544] - Revert "vhost_scsi: log write descriptors" (Mike Christie) [Orabug: 37840544] - x86/bugs: Enabling Retbleed and SRSO mitigation can taint the kernel (Alexandre Chartre) [Orabug: 37945824] - x86/bhi: Do not set BHI_DIS_S in 32-bit mode (Pawan Gupta) [Orabug: 37945831] - x86/bpf: Add IBHF call at end of classic BPF (Daniel Sneddon) [Orabug: 37945831] - x86/bpf: Call branch history clearing sequence on exit (Daniel Sneddon) [Orabug: 37945831] - selftest/x86/bugs: Add selftests for ITS (Pawan Gupta) [Orabug: 37945842] {CVE-2024-28956} - x86/its: Align RETs in BHB clear sequence to avoid thunking (Pawan Gupta) [Orabug: 37945842] {CVE-2024-28956} - x86/its: Add "vmexit" option to skip mitigation on some CPUs (Pawan Gupta) [Orabug: 37945842] {CVE-2024-28956} - x86/its: Enable Indirect Target Selection mitigation (Pawan Gupta) [Orabug: 37945842] {CVE-2024-28956} - x86/its: Add support for ITS-safe return thunk (Pawan Gupta) [Orabug: 37945842] {CVE-2024-28956} - x86/its: Add support for ITS-safe indirect thunk (Pawan Gupta) [Orabug: 37945842] {CVE-2024-28956} - x86/its: Enumerate Indirect Target Selection (ITS) bug (Pawan Gupta) [Orabug: 37945842] {CVE-2024-28956} - Documentation: x86/bugs/its: Add ITS documentation (Pawan Gupta) [Orabug: 37945842] {CVE-2024-28956} - x86/alternatives: Remove faulty optimization (Josh Poimboeuf) [Orabug: 37945842] {CVE-2024-28956} - x86/alternative: Optimize returns patching (Borislav Petkov (AMD)) [Orabug: 37945842] {CVE-2024-28956} [5.15.0-309.180.2.el8uek] - LTS version: v5.15.180 (Vijayendra Suman) -mmc: sdhci-brcmstb: Initialize base_clk to NULL in sdhci_brcmstb_probe() (Nathan Chancellor) - tracing: Do not use PERF enums when perf is not defined (Steven Rostedt) - mm, slab: remove duplicate kernel-doc comment for ksize() (Vlastimil Babka) - mmc: sdhci-brcmstb: use clk_get_rate(base_clk) in PM resume (Kamal Dasu) - NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (Chuck Lever) - nfsd: put dl_stid if fail to queue dl_recall (Li Lingfeng) - jfs: add index corruption check to DT_GETPAGE() (Roman Smirnov) - ext4: fix OOB read when checking dotdot dir (Acs, Jakub) - ext4: don't over-report free space or inodes in statvfs (Theodore Ts'o) - tracing/osnoise: Fix possible recursive locking for cpus_read_lock() (Ran Xiaokai) - tracing: Fix synth event printk format for str fields (Douglas Raillard) - tracing: Ensure module defining synth event cannot be unloaded while tracing (Douglas Raillard) - tracing: Fix use-after-free in print_graph_function_flags during tracer switching (Tengda Wu) - mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (Karel Balej) - ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (Paul Menzel) - acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (Murad Masimov) - x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (Jann Horn) - x86/tsc: Always save/restore TSC sched_clock() on suspend/resume (Guilherme G. Piccoli) - btrfs: handle errors from btrfs_dec_ref() properly (Josef Bacik) - ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (Markus Elfring) - platform/x86: ISST: Correct command storage data length (Srinivas Pandruvada) - drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration (Hersen Wu) - drm/amd/pm: Fix negative array index read (Jesse Zhang) - tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (Sherry Sun) - tty: serial: fsl_lpuart: use UARTMODIR register bits for lpuart32 platform (Sherry Sun) - mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (KamalDasu) - mmc: sdhci-brcmstb: Add ability to increase max clock rate for 72116b0 (Kamal Dasu) - can: flexcan: disable transceiver during system PM (Haibo Chen) - can: flexcan: only change CAN state when link up in system PM (Haibo Chen) - arcnet: Add NULL check in com20020pci_probe() (Henry Martin) - net: fix geneve_opt length integer overflow (Lin Ma) - ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (Fernando Fernandez Mancera) - netfilter: nft_tunnel: fix geneve_opt type confusion addition (Lin Ma) - tunnels: Accept PACKET_HOST in skb_tunnel_check_pmtu(). (Guillaume Nault) - vsock: avoid timeout during connect() if the socket is closing (Stefano Garzarella) - net: mvpp2: Prevent parser TCAM memory corruption (Tobias Waldekranz) - net_sched: skbprio: Remove overly strict queue assertions (Cong Wang) - netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (Debin Zhu) - netfilter: nft_set_hash: GC reaps elements with conncount for dynamic sets only (Pablo Neira Ayuso) - ASoC: imx-card: Add NULL check in imx_card_probe() (Henry Martin) - ntb: intel: Fix using link status DB's (Nikita Shubin) - ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (Yajun Deng) - riscv: ftrace: Add parentheses in macro definitions of make_call_t0 and make_call_ra (Juhan Jin) - spufs: fix a leak in spufs_create_context() (Al Viro) - spufs: fix a leak on spufs_new_file() failure (Al Viro) - hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (Tasos Sahanidis) - can: statistics: use atomic access in hot path (Oliver Hartkopp) - ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (Navon John Lukose) - drm/amd: Keep display off while going into S4 (Mario Limonciello) - x86/sgx: Warn explicitly if X86_FEATURE_SGX_LC is not enabled (Vladis Dronov) - locking/semaphore: Use wake_q to wake up processes outside lock critical section (Waiman Long) - sched/deadline: Use online cpus for validating runtime (Shrikanth Hegde) - ksmbd: fix incorrect validation fornum_aces field of smb_acl (Namjae Jeon) - affs: don't write overlarge OFS data block size fields (Simon Tatham) - affs: generate OFS sequence numbers starting at 1 (Simon Tatham) - nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (Icenowy Zheng) - nvme-pci: clean up CMBMSC when registering CMB fails (Icenowy Zheng) - nvme-tcp: fix possible UAF in nvme_tcp_poll (Sagi Grimberg) - wifi: iwlwifi: fw: allocate chained SG tables for dump (Johannes Berg) - sched/smt: Always inline sched_smt_active() (Josh Poimboeuf) - octeontx2-af: Fix mbox INTR handler when num VFs > 64 (Geetha sowjanya) - ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (Giovanni Gherdovich) - ring-buffer: Fix bytes_dropped calculation issue (Feng Yang) - ksmbd: use aead_request_free to match aead_request_alloc (Miaoqian Lin) - rtnetlink: Allocate vfinfo size for VF GUIDs when supported (Mark Zhang) - exfat: fix the infinite loop in exfat_find_last_cluster() (Yuezhang Mo) - objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (Josh Poimboeuf) - fs/procfs: fix the comment above proc_pid_wchan() (Bart Van Assche) - perf python: Check if there is space to copy all the event (Arnaldo Carvalho de Melo) - perf python: Don't keep a raw_data pointer to consumed ring buffer space (Arnaldo Carvalho de Melo) - perf python: Decrement the refcount of just created event on failure (Arnaldo Carvalho de Melo) - perf python: Fixup description of sample.id event member (Arnaldo Carvalho de Melo) - i3c: master: svc: Fix missing the IBI rules (Stanley Chu) - fuse: fix dax truncate/punch_hole fault path (Alistair Popple) - NFSv4: Don't trigger uneccessary scans for return-on-close delegations (Trond Myklebust) - ocfs2: validate l_tree_depth to avoid out-of-bounds access (Vasiliy Kovalev) - kexec: initialize ELF lowest address to ULONG_MAX (Sourabh Jain) - perf units: Fix insufficient array space (Arnaldo Carvalho de Melo) - iio: adc: ad7124: Fix comparison of channel configs (Uwe Kleine-König) - fs/ntfs3: Fix acouple integer overflows on 32bit systems (Dan Carpenter) - iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (Jonathan Cameron) - coresight: catu: Fix number of pages while using 64k pages (Ilkka Koskinen) - soundwire: slave: fix an OF node reference leak in soundwire slave device (Joe Hattori) - isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (Qasim Ijaz) - clk: qcom: mmcc-sdm660: fix stuck video_subcore0 clock (Barnabás Czémán) - crypto: hisilicon/sec2 - fix for aead auth key length (Wenkai Lin) - x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (Jann Horn) - mfd: sm501: Switch to BIT() to mitigate integer overflows (Nikita Zhandarovich) - RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (Patrisious Haddad) - crypto: nx - Fix uninitialised hv_nxc on error (Herbert Xu) - power: supply: max77693: Fix wrong conversion of charge input threshold value (Artur Weber) - x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (Jann Horn) - clk: amlogic: g12a: fix mmc A peripheral clock (Jerome Brunet) - clk: amlogic: gxbb: drop non existing 32k clock parent (Jerome Brunet) - clk: amlogic: g12b: fix cluster A parent data (Jerome Brunet) - pinctrl: tegra: Set SFIO mode to Mux Register (Prathamesh Shete) - IB/mad: Check available slots before posting receive WRs (Maher Sanalla) - remoteproc: qcom_q6v5_mss: Handle platforms with one power domain (Luca Weiss) - RDMA/core: Don't expose hw_counters outside of init net namespace (Roman Gushchin) - clk: rockchip: rk3328: fix wrong clk_ref_usb3otg parent (Peter Geis) - pinctrl: renesas: rzg2l: Fix missing of_node_put() call (Fabrizio Castro) - pinctrl: renesas: rza2: Fix missing of_node_put() call (Fabrizio Castro) - lib: 842: Improve error handling in sw842_compress() (Tanya Agarwal) - clk: qcom: gcc-msm8953: fix stuck venus0_core0 clock (Vladimir Lypak) - clk: samsung: Fix UBSAN panic in samsung_clk_init() (Will McVicker) - libbpf: Fix hypothetical STT_SECTION extern NULL deref case(Andrii Nakryiko) - remoteproc: qcom_q6v5_pas: Make single-PD handling more robust (Luca Weiss) - remoteproc: core: Clear table_sz when rproc_shutdown (Peng Fan) - crypto: hisilicon/sec2 - fix for aead authsize alignment (Wenkai Lin) - clk: amlogic: gxbb: drop incorrect flag on 32k clock (Jerome Brunet) - fbdev: sm501fb: Add some geometry checks. (Danila Chernetsov) - mdacon: rework dependency list (Arnd Bergmann) - fbdev: au1100fb: Move a variable assignment behind a null pointer check (Markus Elfring) - PCI: pciehp: Don't enable HPIE when resuming in poll mode (Ilpo Järvinen) - drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (Dan Carpenter) - PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (Thippeswamy Havalige) - PCI: Remove stray put_device() in pci_register_host_bridge() (Dan Carpenter) - drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (Vitaliy Shevtsov) - PCI: Avoid reset when disabled via sysfs (Nishanth Aravamudan) - PCI/portdrv: Only disable pciehp interrupts early when needed (Feng Tang) - PCI: brcmstb: Use internal register to change link capability (Jim Quinlan) - PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (Hans Zhang) - PCI/ASPM: Fix link state exit during switch upstream function removal (Daniel Stodden) - drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (AngeloGioacchino Del Regno) - drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (AngeloGioacchino Del Regno) - drm/vkms: Fix use after free and double free on init error (José Expósito) - drm: xlnx: zynqmp: Fix max dma segment size (Tomi Valkeinen) - drm/dp_mst: Fix drm RAD print (Wayne Lin) - drm/bridge: ti-sn65dsi86: Fix multiple instances (Geert Uytterhoeven) - ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (Jayesh Choudhary) - ALSA: hda/realtek: Always honor no_shutup_pins (Takashi Iwai) - HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (JiriKosina) - media: platform: allgro-dvt: unregister v4l2_device on the error path (Joe Hattori) - perf/ring_buffer: Allow the EPOLLRDNORM flag for poll (Tao Chen) - lockdep: Don't disable interrupts on RT in disable_irq_nosync_lockdep.*() (Sebastian Andrzej Siewior) - PM: sleep: Fix handling devices with direct_complete set on errors (Rafael J. Wysocki) - thermal: int340x: Add NULL check for adev (Chenyuan Yang) - EDAC/ie31200: Fix the error path order of ie31200_init() (Qiuxu Zhuo) - EDAC/ie31200: Fix the DIMM size mask for several SoCs (Qiuxu Zhuo) - EDAC/ie31200: Fix the size of EDAC_MC_LAYER_CHIP_SELECT layer (Qiuxu Zhuo) - selinux: Chain up tool resolving errors in install_policy.sh (Tim Schumacher) - PM: sleep: Adjust check before setting power.must_resume (Rafael J. Wysocki) - x86/platform: Only allow CONFIG_EISA for 32-bit (Arnd Bergmann) - x86/fpu: Avoid copying dynamic FP state from init_task in arch_dup_task_struct() (Benjamin Berg) - cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (Jie Zhan) - cpufreq: scpi: compare kHz instead of Hz (zuoqian) - x86/mm/pat: cpa-test: fix length for CPA_ARRAY test (Mike Rapoport (Microsoft)) - watch_queue: fix pipe accounting mismatch (Eric Sandeen) - media: i2c: et8ek8: Don't strip remove function when driver is builtin (Uwe Kleine-König) - memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (Luo Qiu) - net: usb: qmi_wwan: add Telit Cinterion FE990B composition (Fabio Porcedda) - net: usb: qmi_wwan: add Telit Cinterion FN990B composition (Fabio Porcedda) - tty: serial: 8250: Add Brainboxes XC devices (Cameron Williams) - tty: serial: 8250: Add some more device IDs (Cameron Williams) - counter: microchip-tcb-capture: Fix undefined counter channel state on probe (William Breathitt Gray) - counter: stm32-lptimer-cnt: fix error handling when enabling (Fabrice Gasnier) - ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (Dhruv Deshpande) - netfilter: socket: Lookup orig tuple for IPv6 SNAT (Maxim Mikityanskiy) - ARM:Remove address checking for MMUless devices (Yanjun Yang) - ARM: 9351/1: fault: Add "cut here" line for prefetch aborts (Kees Cook) - ARM: 9350/1: fault: Implement copy_from_kernel_nofault_allowed() (Kees Cook) - atm: Fix NULL pointer dereference (Minjoong Kim) - HID: hid-plantronics: Add mic mute mapping and generalize quirks (Terry Junge) - ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (Terry Junge) - bpf, sockmap: Fix race between element replace and close() (Michal Luczaj) - Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (Luiz Augusto von Dentz) {CVE-2024-8805} - arm64: dts: rockchip: fix u2phy1_host status for NanoPi R4S (Justin Klaassen) - mptcp: Fix data stream corruption in the address announcement (Arthur Mongodin) - drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (David Rosca) - drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (Nikita Zhandarovich) - soc: qcom: pdr: Fix the potential deadlock (Saranya R) - batman-adv: Ignore own maximum aggregation size during RX (Sven Eckelmann) - ARM: shmobile: smp: Enforce shmobile_smp_* alignment (Geert Uytterhoeven) - proc: fix UAF in proc_get_inode() (Ye Bin) - mmc: atmel-mci: Add missing clk_disable_unprepare() (Gu Bowen) - regulator: check that dummy regulator has been probed before using it (Christian Eggers) - drm/v3d: Don't run jobs that have errors flagged in its fence (Maíra Canal) - i2c: omap: fix IRQ storms (Andreas Kemnade) - Revert "gre: Fix IPv6 link-local address generation." (Guillaume Nault) - net/neighbor: add missing policy for NDTPA_QUEUE_LENBYTES (Lin Ma) - net: atm: fix use after free in lec_send() (Dan Carpenter) - ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create(). (Kuniyuki Iwashima) - ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw(). (Kuniyuki Iwashima) - Bluetooth: Fix error code in chan_alloc_skb_cb() (Dan Carpenter) - RDMA/hns: Fix wrong value of max_sge_rd (Junxian Huang) - RDMA/hns: Fix a missing rollback in error path ofhns_roce_create_qp_common() (Junxian Huang) - RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (Junxian Huang) - RDMA/hns: Fix soft lockup during bt pages loop (Junxian Huang) - RDMA/hns: Remove redundant 'phy_addr' in hns_roce_hem_list_find_mtt() (Chengchang Tang) - RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (Saravanan Vajravel) - ARM: dts: bcm2711: Don't mark timer regs unconfigured (Phil Elwell) - RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (Kashyap Desai) - ARM: dts: bcm2711: PL011 UARTs are actually r1p5 (Phil Elwell) - xfrm_output: Force software GSO only in tunnel mode (Cosmin Ratiu) - firmware: imx-scu: fix OF node leak in .probe() (Joe Hattori) - smb: client: fix potential UAF in cifs_debug_files_proc_show() (Paulo Alcantara) - smb: client: Fix match_session bug preventing session reuse (Henrique Carvalho) - drm/amd/display: Fix null check for pipe_ctx-> plane_state in resource_build_scaling_params (Ma Ke) - drm/amd/display: Check for invalid input params when building scaling params (Michael Strauss) - i2c: sis630: Fix an error handling path in sis630_probe() (Christophe JAILLET) - i2c: ali15x3: Fix an error handling path in ali15x3_probe() (Christophe JAILLET) - i2c: ali1535: Fix an error handling path in ali1535_probe() (Christophe JAILLET) - cifs: Fix integer overflow while processing closetimeo mount option (Murad Masimov) - cifs: Fix integer overflow while processing actimeo mount option (Murad Masimov) - cifs: Fix integer overflow while processing acdirmax mount option (Murad Masimov) - cifs: Fix integer overflow while processing acregmax mount option (Murad Masimov) - ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (Christophe JAILLET) - drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (Ivan Abramov) - ASoC: ops: Consistently treat platform_max as control value (Charles Keepax) - tcp: fix races in tcp_abort() (Eric Dumazet) - lib/buildid: Handle memfd_secret() files in build_id_parse() (AndriiNakryiko) - qlcnic: fix memory leak issues in qlcnic_sriov_common.c (Haoxiang Li) - drm/amd/display: Fix slab-use-after-free on hdcp_work (Mario Limonciello) - drm/amd/display: Assign normalized_pix_clk when color depth = 14 (Alex Hung) - drm/amd/display: Restore correct backlight brightness after a GPU reset (Mario Limonciello) - drm/atomic: Filter out redundant DPMS calls (Ville Syrjälä) - x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (Florent Revest) - USB: serial: option: match on interface class for Telit FN990B (Johan Hovold) - USB: serial: option: fix Telit Cinterion FE990A name (Fabio Porcedda) - USB: serial: option: add Telit Cinterion FE990B compositions (Fabio Porcedda) - USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (Boon Khai Ng) - block: fix 'kmem_cache of name 'bio-108' already exists' (Ming Lei) - drm/nouveau: Do not override forced connector status (Thomas Zimmermann) - mptcp: safety check before fallback (Matthieu Baerts (NGI0)) - x86/irq: Define trace events conditionally (Arnd Bergmann) - fuse: don't truncate cached, mutated symlink (Miklos Szeredi) - ASoC: tas2764: Set the SDOUT polarity correctly (Hector Martin) - ASoC: tas2764: Fix power control mask (Hector Martin) - ASoC: tas2770: Fix volume scale (Hector Martin) - nvme: only allow entering LIVE from CONNECTING state (Daniel Wagner) - sctp: Fix undefined behavior in left shift operation (Yu-Chun Lin) - nvmet-rdma: recheck queue state is LIVE in state lock in recv done (Ruozhu Li) - net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (Stephan Gerhold) - ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (Terry Cheong) - ASoC: arizona/madera: use fsleep() in up/down DAPM event delays. (Vitaly Rodionov) - ASoC: rsnd: don't indicate warning on rsnd_kctrl_accept_runtime() (Kuninori Morimoto) - thermal/cpufreq_cooling: Remove structure member documentation (Daniel Lezcano) - s390/cio: Fix CHPID "configure" attribute caching (Peter Oberparleiter) - sched: Clarifywake_up_q()'s write to task-> wake_q.next (Jann Horn) - HID: ignore non-functional sensor in HP 5MP Camera (Chia-Lin Kao (AceLan)) - HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (Zhang Lixu) - vboxsf: fix building with GCC 15 (Brahmajit Das) - alpha/elf: Fix misc/setarch test of util-linux by removing 32bit support (Eric W. Biederman) - ACPI: resource: IRQ override for Eluktronics MECH-17 (Gannon Kolding) - scsi: qla1280: Fix kernel oops when debug level > 2 (Magnus Lindholm) - scsi: core: Use GFP_NOIO to avoid circular locking dependency (Rik van Riel) - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (Chengen Du) - powercap: call put_device() on an error path in powercap_register_control_type() (Joe Hattori) - hrtimers: Mark is_migration_base() with __always_inline (Andy Shevchenko) - nvme-fc: go straight to connecting state when initializing (Daniel Wagner) - net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (Carolina Jubran) - net/mlx5: Bridge, fix the crash caused by LAG state check (Jianbo Liu) - net: openvswitch: remove misbehaving actions length check (Ilya Maximets) - openvswitch: Use kmalloc_size_roundup() to match ksize() usage (Kees Cook) - slab: Introduce kmalloc_size_roundup() (Kees Cook) - gre: Fix IPv6 link-local address generation. (Guillaume Nault) - netfilter: nft_exthdr: fix offset with ipv4_find_option() (Alexey Kashavkin) - net_sched: Prevent creation of classes with TC_H_ROOT (Cong Wang) - ipvs: prevent integer overflow in do_ip_vs_get_ctl() (Dan Carpenter) - netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (Kohei Enju) - net/mlx5: handle errors in mlx5_chains_create_table() (Wentao Liang) - Drivers: hv: vmbus: Don't release fb_mmio resource in vmbus_free_mmio() (Michael Kelley) - netpoll: hold rcu read lock in __netpoll_send_skb() (Breno Leitao) - net: dsa: mv88e6xxx: Verify after ATU Load ops (Joseph Huang) - ice: fix memory leak in aRFS after reset (Grzegorz Nitka) -netfilter: nft_ct: Use __refcount_inc() for per-CPU nft_ct_pcpu_template. (Sebastian Andrzej Siewior) - pinctrl: bcm281xx: Fix incorrect regmap max_registers value (Artur Weber) - fbdev: hyperv_fb: iounmap() the correct memory when removing a device (Michael Kelley) - ipv6: Fix signed integer overflow in __ip6_append_data (Wang Yufen) - sched/isolation: Prevent boot crash when the boot CPU is nohz_full (Oleg Nesterov) - clockevents/drivers/i8253: Fix stop sequence for timer 0 (David Woodhouse) - vlan: fix memory leak in vlan_newlink() (Eric Dumazet) [5.15.0-309.179.1.el8uek] - x86/microcode/AMD: Clean the cache if update did not load microcode (Boris Ostrovsky) [Orabug: 37800728] - x86/microcode/AMD: Add finalize_late_load() microcode_op (Boris Ostrovsky) [Orabug: 37800728] - x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any unreleased standalone Zen5 microcode patches (Borislav Petkov (AMD)) [Orabug: 37800728] - x86/microcode/AMD: Add some forgotten models to the SHA check (Borislav Petkov (AMD)) [Orabug: 37800728] - x86/microcode/AMD: Load only SHA256-checksummed patches (Borislav Petkov (AMD)) [Orabug: 37800728] - x86/microcode/AMD: Flush patch buffer mapping after application (Borislav Petkov (AMD)) [Orabug: 37800728] - x86/microcode/AMD: Stash BSP's CPUID(1).EAX (Boris Ostrovsky) [Orabug: 37800728] _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Essential kernel patches for Oracle Linux 8 have been released to address vulnerabilities. Immediate implementations are required.. Oracle Linux updates, kernel security patches, Linux kernel upgrades. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 10, 2025 Important Oracle
100

SUSE Linux Micro 6.0: 2025:20042-1 important: SELinux policy patch

* bsc#1210717 * bsc#1215405 * bsc#1225984 * bsc#1227930 * bsc#1228247 . # Security update for selinux-policy Announcement ID: SUSE-SU-2025:20042-1 Release Date: 2025-02-03T08:54:23Z Rating: important References: * bsc#1210717 * bsc#1215405 * bsc#1225984 * bsc#1227930 * bsc#1228247 * bsc#1229132 Affected Products: * SUSE Linux Micro 6.0 An update that has six fixes can now be installed. ## Description: This update for selinux-policy fixes the following issues: Update to version 20230523+git25.ad22dd7f: * Backport wtmpdb label change to have the same wtmpdb label as in SL Micro 6.1 (bsc#1229132) * Add auth_rw_wtmpdb_login_records to domains using auth_manage_login_records * Add auth_rw_wtmpdb_login_records to modules * Allow xdm_t to read-write to wtmpdb (bsc#1225984) * Introduce types for wtmpdb and rw interface * Introduce wtmp_file_type attribute * Revert "Add policy for wtmpdb (bsc#1210717)" Update to version 20230523+git18.f44daf8a: * Provide type for sysstat lock files (bsc#1228247) Update to version 20230523+git16.0849f54c: * allow firewalld access to /dev/random and write HW acceleration logs (bsc#1215405, bsc#1227930) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-43=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * selinux-policy-20230523+git25.ad22dd7f-1.1 * selinux-policy-targeted-20230523+git25.ad22dd7f-1.1 * selinux-policy-devel-20230523+git25.ad22dd7f-1.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1210717 * https://bugzilla.suse.com/show_bug.cgi?id=1215405 * https://bugzilla.suse.com/show_bug.cgi?id=1225984 * https://bugzilla.suse.com/show_bug.cgi?id=1227930 * https://bugzilla.suse.com/show_bug.cgi?id=1228247 *https://bugzilla.suse.com/show_bug.cgi?id=1229132 . This notice emphasizes significant enhancements to SELinux policies for SUSE Linux Micro 6.0, focusing on essential corrections.. SUSE Linux Micro, SELinux Policy, Important Updates. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 Important SuSE
100

SUSE Linux Micro 6.0 Advisory: 2025:20187-1 Important TCP and Net Fixes

* bsc#1235218 * bsc#1235916 Cross-References: * CVE-2024-56600 . # Security update for kernel-livepatch-MICRO-6-0_Update_4 Announcement ID: SUSE-SU-2025:20187-1 Release Date: 2025-04-17T09:25:13Z Rating: important References: * bsc#1235218 * bsc#1235916 Cross-References: * CVE-2024-56600 * CVE-2024-57882 CVSS scores: * CVE-2024-56600 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56600 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-57882 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-57882 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-57882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_4 fixes the following issues: * CVE-2024-56600: net: inet6: Fixed dangling sk pointer in inet6_create() (bsc#1235218). * CVE-2024-57882: mptcp: Fixed TCP options overflow (bsc#1235916). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-13=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-24-default-2-1.2 * kernel-livepatch-MICRO-6-0_Update_4-debugsource-2-1.2 * kernel-livepatch-6_4_0-24-default-debuginfo-2-1.2 ## References: * https://www.suse.com/security/cve/CVE-2024-56600.html * https://www.suse.com/security/cve/CVE-2024-57882.html * https://bugzilla.suse.com/show_bug.cgi?id=1235218 *https://bugzilla.suse.com/show_bug.cgi?id=1235916 . Key challenges confronted in SUSE Linux Micro 6.0 regarding kernel-livepatch. Update now to mitigate potential vulnerabilities.. SUSE Linux Micro, Kernel Livepatch, Security Patch, Important Fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 04, 2025 Important SuSE
100

SUSE: 2025:01744-1 important: python313-setuptools path issue

* bsc#1243313 Cross-References: * CVE-2025-47273 . # Security update for python313-setuptools Announcement ID: SUSE-SU-2025:01744-1 Release Date: 2025-05-29T11:48:52Z Rating: important References: * bsc#1243313 Cross-References: * CVE-2025-47273 CVSS scores: * CVE-2025-47273 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-47273 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-47273 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for python313-setuptools fixes the following issues: * CVE-2025-47273: path traversal in PackageIndex.download may lead to an arbitrary file write (bsc#1243313). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2025-1744=1 ## Package List: * Python 3 Module 15-SP7 (noarch) * python313-setuptools-72.1.0-150700.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-47273.html * https://bugzilla.suse.com/show_bug.cgi?id=1243313 . An important update for python313-setuptools mitigates a directory traversal vulnerability in SUSE Linux, reinforcing system protection.. python313-setuptools, SUSE update, path traversal risk, security patch, Linux security. . Severity: Important.LinuxSecurity.com Team

Calendar%202 May 29, 2025 Important SuSE
202

openSUSE Leap 15.5: SUSE-SU-2025:01655-1 important: Kernel Patch

An update that solves three vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5) Announcement ID: SUSE-SU-2025:01655-1 Release Date: 2025-05-22T12:33:45Z Rating: important References: * bsc#1229504 * bsc#1233019 * bsc#1234847 Cross-References: * CVE-2024-43882 * CVE-2024-50115 * CVE-2024-53156 CVSS scores: * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50115 ( SUSE ): 4.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H * CVE-2024-50115 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H * CVE-2024-50115 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_68 fixes several issues. The following security issues were fixed: * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage (bsc#1229504). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019). ## Patch Instructions: To install this SUSEupdate use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1655=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-1655=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_15-debugsource-15-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-15-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-15-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_15-debugsource-15-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-15-150500.2.2 * kernel-livepatch-5_14_21-150500_55_68-default-15-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-50115.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://bugzilla.suse.com/show_bug.cgi?id=1229504 * https://bugzilla.suse.com/show_bug.cgi?id=1233019 * https://bugzilla.suse.com/show_bug.cgi?id=1234847 . This critical announcement pertains to vulnerabilities in the Linux Kernel, impacting various SUSE versions and their live patching capabilities.. Linux Kernel Patch, openSUSE Security Update, Live Patching, SUSE Linux Security, Kernel Vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 22, 2025 Important OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200