Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves 40 vulnerabilities, contains one feature and has 17 security fixes can now be installed.. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:1573-1 Release Date: 2026-04-23T15:52:41Z Rating: important References: * bsc#1226591 * bsc#1243208 * bsc#1245728 * bsc#1251135 * bsc#1251971 * bsc#1252073 * bsc#1252266 * bsc#1252803 * bsc#1253049 * bsc#1253129 * bsc#1255687 * bsc#1256504 * bsc#1256647 * bsc#1256690 * bsc#1257466 * bsc#1257472 * bsc#1257506 * bsc#1257561 * bsc#1257682 * bsc#1257773 * bsc#1257777 * bsc#1258280 * bsc#1258303 * bsc#1258305 * bsc#1258330 * bsc#1258337 * bsc#1258414 * bsc#1258424 * bsc#1258447 * bsc#1258476 * bsc#1259188 * bsc#1259580 * bsc#1259707 * bsc#1259795 * bsc#1259797 * bsc#1259865 * bsc#1259866 * bsc#1259886 * bsc#1259889 * bsc#1259891 * bsc#1259997 * bsc#1259998 * bsc#1260005 * bsc#1260009 * bsc#1260347 * bsc#1260464 * bsc#1260471 * bsc#1260481 * bsc#1260486 * bsc#1260500 * bsc#1260562 * bsc#1260730 * bsc#1260732 * bsc#1260735 * bsc#1260799 * bsc#1261496 * bsc#1261498 * jsc#PED-15582 Cross-References: * CVE-2024-38542 * CVE-2025-39998 * CVE-2025-68794 * CVE-2025-71231 * CVE-2025-71268 * CVE-2025-71269 * CVE-2026-23030 * CVE-2026-23047 * CVE-2026-23103 * CVE-2026-23120 * CVE-2026-23136 * CVE-2026-23140 * CVE-2026-23187 * CVE-2026-23193 * CVE-2026-23201 * CVE-2026-23215 * CVE-2026-23216 * CVE-2026-23231 * CVE-2026-23242 * CVE-2026-23243 * CVE-2026-23255 * CVE-2026-23259 * CVE-2026-23270 * CVE-2026-23272 * CVE-2026-23274 * CVE-2026-23277 * CVE-2026-23278 * CVE-2026-23281 * CVE-2026-23292 * CVE-2026-23293 * CVE-2026-23317 * CVE-2026-23319 * CVE-2026-23361 * CVE-2026-23379 * CVE-2026-23381 * CVE-2026-23386 * CVE-2026-23398 * CVE-2026-23413 * CVE-2026-23414 * CVE-2026-31788 CVSS scores: * CVE-2024-38542 ( SUSE ): 6.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38542 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-39998 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-39998 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-68794 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68794 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-71231 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71231 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71231 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-71268 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71268 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71269 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71269 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23030 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23030 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23047 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23047 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23103 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23103 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23103 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23103 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23120 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23120 ( NVD ): 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23136 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23136 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23140 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23140 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23140 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23187 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23187 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-23187 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23193 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23193 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23193 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23201 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23201 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23215 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23215 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23216 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23216 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23216 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23231 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23231 ( SUSE ): 7.0CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23231 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23231 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23242 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23242 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23242 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23255 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23255 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23259 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23259 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23270 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23272 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23272 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23272 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23277 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23277 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23278 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N *CVE-2026-23278 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23278 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23281 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23281 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23292 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23292 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23293 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23293 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23319 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23319 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23361 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-23361 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2026-23379 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23381 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23386 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23398 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23398 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23413 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23413 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23414 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23414 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31788 ( NVD ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Real Time Module 15-SP7 An update that solves 40 vulnerabilities, contains one feature and has 17 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2025-39998: scsi: target: target_core_configfs: Add length check to avoid buffer overflow (bsc#1252073). * CVE-2025-68794: iomap: adjust read range correctly for non-block-aligned positions (bsc#1256647). * CVE-2025-71268: btrfs: fix reservation leak in some error paths when inserting inline extent (bsc#1259865). * CVE-2025-71269: btrfs: do not free data reservation in fallback from inline due to -ENOSPC (bsc#1259889). * CVE-2026-23030: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() (bsc#1257561). * CVE-2026-23047: libceph: make calc_target() set t-> paused, not just clear it (bsc#1257682). * CVE-2026-23103: ipvlan: Make the addrs_lock be per port (bsc#1257773). * CVE-2026-23120: l2tp: avoid one data-race in l2tp_tunnel_del_work() (bsc#1258280). * CVE-2026-23136: libceph: reset sparse-read state in osd_fault() (bsc#1258303). * CVE-2026-23140: bpf, test_run: Subtract size of xdp_frame from allowed metadata size (bsc#1258305). * CVE-2026-23187: pmdomain: imx8m-blk-ctrl: fix out-of-range access of bc-> domains (bsc#1258330). * CVE-2026-23193: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (bsc#1258414). * CVE-2026-23201: ceph: fix oops due to invalidpointer for kfree() in parse_longname() (bsc#1258337). * CVE-2026-23215: x86/vmware: Fix hypercall clobbers (bsc#1258476). * CVE-2026-23216: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (bsc#1258447). * CVE-2026-23231: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() (bsc#1259188). * CVE-2026-23242: RDMA/siw: Fix potential NULL pointer dereference in header processing (bsc#1259795). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259797). * CVE-2026-23255: net: add proper RCU protection to /proc/net/ptype (bsc#1259891). * CVE-2026-23259: io_uring/rw: free potentially allocated iovec on cache put failure (bsc#1259866). * CVE-2026-23270: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks (bsc#1259886). * CVE-2026-23272: netfilter: nf_tables: unconditionally bump set-> nelems before insertion (bsc#1260009). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260005). * CVE-2026-23277: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit (bsc#1259997). * CVE-2026-23278: netfilter: nf_tables: always walk all pending catchall elements (bsc#1259998). * CVE-2026-23281: wifi: libertas: fix use-after-free in lbs_free_adapter() (bsc#1260464). * CVE-2026-23292: scsi: target: Fix recursive locking in __configfs_open_file() (bsc#1260500). * CVE-2026-23293: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260486). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260562). * CVE-2026-23319: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim (bsc#1260735). * CVE-2026-23361: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry (bsc#1260732). * CVE-2026-23379: net/sched: ets: fix divide by zero in the offload path (bsc#1260481). * CVE-2026-23381: net: bridge: fix nd_tbl NULLdereference when IPv6 is disabled (bsc#1260471). * CVE-2026-23386: gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL (bsc#1260799). * CVE-2026-23398: icmp: fix NULL pointer dereference in icmp_tag_validation() (bsc#1260730). * CVE-2026-23413: clsact: Fix use-after-free in init/destroy rollback asymmetry (bsc#1261498). * CVE-2026-23414: tls: Purge async_hold in tls_decrypt_async_wait() (bsc#1261496). * CVE-2026-31788: xen/privcmd: restrict usage in unprivileged domU (bsc#1259707). The following non-security bugs were fixed: * ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() (git-fixes). * ACPI: OSI: Add DMI quirk for Acer Aspire One D255 (stable-fixes). * ACPI: PM: Save NVS memory on Lenovo G70-35 (stable-fixes). * ACPI: processor: Fix previous acpi_processor_errata_piix4() fix (git-fixes). * ALSA: caiaq: fix stack out-of-bounds read in init_card (git-fixes). * ALSA: firewire-lib: fix uninitialized local variable (git-fixes). * ALSA: hda/conexant: Add quirk for HP ZBook Studio G4 (stable-fixes). * ALSA: hda/conexant: Fix headphone jack handling on Acer Swift SF314 (stable- fixes). * ALSA: hda/realtek: Add headset jack quirk for Thinkpad X390 (stable-fixes). * ALSA: hda/realtek: add HP Laptop 14s-dr5xxx mute LED quirk (stable-fixes). * ALSA: hda: cs35l56: Fix signedness error in cs35l56_hda_posture_put() (git- fixes). * ALSA: pci: hda: use snd_kcontrol_chip() (stable-fixes). * ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (git-fixes). * ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces (stable-fixes). * ASoC: Intel: boards: fix unmet dependency on PINCTRL (git-fixes). * ASoC: Intel: catpt: Fix the device initialization (git-fixes). * ASoC: SOF: ipc4-topology: Allow bytes controls without initial payload (git- fixes). * ASoC: adau1372: Fix clock leak on PLL lock failure (git-fixes). * ASoC: adau1372: Fix uncheckedclk_prepare_enable() return value (git-fixes). * ASoC: amd: acp-mach-common: Add missing error check for clock acquisition (git-fixes). * ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition (git-fixes). * ASoC: amd: yc: Add ASUS EXPERTBOOK BM1503CDA to quirk table (stable-fixes). * ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK PM1503CDA (stable-fixes). * ASoC: cs42l43: Report insert for exotic peripherals (stable-fixes). * ASoC: detect empty DMI strings (git-fixes). * ASoC: ep93xx: Fix unchecked clk_prepare_enable() and add rollback on failure (git-fixes). * ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_put_bits() (stable-fixes). * ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_set_reg() (stable- fixes). * ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start (git-fixes). * ASoC: soc-core: drop delayed_work_pending() check before flush (git-fixes). * ASoC: soc-core: flush delayed work before removing DAIs and widgets (git- fixes). * Bluetooth: HIDP: Fix possible UAF (git-fixes). * Bluetooth: ISO: Fix defer tests being unstable (git-fixes). * Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop (git- fixes). * Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ (git-fixes). * Bluetooth: L2CAP: Fix null-ptr-deref on l2cap_sock_ready_cb (git-fixes). * Bluetooth: L2CAP: Fix send LE flow credits in ACL link (git-fixes). * Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap_ecred_conn_req (git- fixes). * Bluetooth: L2CAP: Fix type confusion in l2cap_ecred_reconf_rsp() (git- fixes). * Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (git-fixes). * Bluetooth: L2CAP: Validate L2CAP_INFO_RSP payload length before access (git- fixes). * Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (git-fixes). * Bluetooth: LE L2CAP: Disconnect if received packet's SDU exceeds IMTU (git- fixes). * Bluetooth: LE L2CAP: Disconnect if sum of payload sizes exceed SDU (git- fixes). * Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete (git-fixes). * Bluetooth: MGMT: Fix list corruption and UAF in command complete handlers (git-fixes). * Bluetooth: MGMT: validate LTK enc_size on load (git-fixes). * Bluetooth: MGMT: validate mesh send advertising payload length (git-fixes). * Bluetooth: Remove 3 repeated macro definitions (stable-fixes). * Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (git-fixes). * Bluetooth: SCO: fix race conditions in sco_sock_connect() (git-fixes). * Bluetooth: SMP: derive legacy responder STK authentication from MITM state (git-fixes). * Bluetooth: SMP: force responder MITM requirements before building the pairing response (git-fixes). * Bluetooth: SMP: make SM/PER/KDU/BI-04-C happy (git-fixes). * Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (git-fixes). * Bluetooth: btusb: clamp SCO altsetting table indices (git-fixes). * Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync (git-fixes). * Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt (git-fixes). * Bluetooth: hci_ll: Fix firmware leak on error path (git-fixes). * Bluetooth: hci_sync: Fix hci_le_create_conn_sync (git-fixes). * Bluetooth: hci_sync: Remove remaining dependencies of hci_request (stable- fixes). * Bluetooth: hci_sync: call destroy in hci_cmd_sync_run if immediate (git- fixes). * Bluetooth: qca: fix ROM version reading on WCN3998 chips (git-fixes). * Drivers: hv: fix missing kernel-doc description for 'size' in request_arr_init() (git-fixes). * Drivers: hv: remove stale comment (git-fixes). * Drivers: hv: vmbus: Clean up sscanf format specifier in target_cpu_store() (git-fixes). * Drivers: hv: vmbus: Fix sysfs output format for ring buffer index (git- fixes). * Drivers: hv: vmbus: Fix typos invmbus_drv.c (git-fixes). * HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them (stable-fixes). * HID: apple: avoid memory leak in apple_report_fixup() (stable-fixes). * HID: asus: avoid memory leak in asus_report_fixup() (stable-fixes). * HID: magicmouse: avoid memory leak in magicmouse_report_fixup() (stable- fixes). * HID: mcp2221: cancel last I2C command on read error (stable-fixes). * Input: synaptics-rmi4 - fix a locking bug in an error path (git-fixes). * NFC: nxp-nci: allow GPIOs to sleep (git-fixes). * NFC: pn533: bound the UART receive buffer (git-fixes). * PCI: Update BAR # and window messages (stable-fixes). * PCI: hv: Correct a comment (git-fixes). * PCI: hv: Remove unnecessary flex array in struct pci_packet (git-fixes). * PCI: hv: Remove unused field pci_bus in struct hv_pcibus_device (git-fixes). * PCI: hv: remove unnecessary module_init/exit functions (git-fixes). * PM: runtime: Fix a race condition related to device removal (git-fixes). * RDMA/mana_ib: Access remote atomic for MRs (bsc#1251135). * RDMA/mana_ib: Add EQ creation for rnic adapter (git-fixes). * RDMA/mana_ib: Add device statistics support (git-fixes). * RDMA/mana_ib: Add device-memory support (git-fixes). * RDMA/mana_ib: Add port statistics support (git-fixes). * RDMA/mana_ib: Add support of 4M, 1G, and 2G pages (git-fixes). * RDMA/mana_ib: Add support of mana_ib for RNIC and ETH nic (git-fixes). * RDMA/mana_ib: Adding and deleting GIDs (git-fixes). * RDMA/mana_ib: Allow registration of DMA-mapped memory in PDs (git-fixes). * RDMA/mana_ib: Configure mac address in RNIC (git-fixes). * RDMA/mana_ib: Create and destroy RC QP (git-fixes). * RDMA/mana_ib: Create and destroy UD/GSI QP (git-fixes). * RDMA/mana_ib: Create and destroy rnic adapter (git-fixes). * RDMA/mana_ib: Drain send wrs of GSI QP (git-fixes). * RDMA/mana_ib: Enable RoCE on port 1 (git-fixes). * RDMA/mana_ib: Extend modify QP (git-fixes). * RDMA/mana_ib: Fix DSCP value in modify QP(git-fixes). * RDMA/mana_ib: Fix error code in probe() (git-fixes). * RDMA/mana_ib: Fix integer overflow during queue creation (bsc#1251135). * RDMA/mana_ib: Fix missing ret value (git-fixes). * RDMA/mana_ib: Handle net event for pointing to the current netdev (bsc#1256690). * RDMA/mana_ib: Implement DMABUF MR support (git-fixes). * RDMA/mana_ib: Implement port parameters (git-fixes). * RDMA/mana_ib: Implement uapi to create and destroy RC QP (git-fixes). * RDMA/mana_ib: Introduce helpers to create and destroy mana queues (git- fixes). * RDMA/mana_ib: Introduce mana_ib_get_netdev helper function (git-fixes). * RDMA/mana_ib: Introduce mana_ib_install_cq_cb helper function (git-fixes). * RDMA/mana_ib: Introduce mdev_to_gc helper function (git-fixes). * RDMA/mana_ib: Modify QP state (git-fixes). * RDMA/mana_ib: Process QP error events in mana_ib (git-fixes). * RDMA/mana_ib: Query feature_flags bitmask from FW (git-fixes). * RDMA/mana_ib: Set correct device into ib (git-fixes). * RDMA/mana_ib: Take CQ type from the device type (git-fixes). * RDMA/mana_ib: UD/GSI QP creation for kernel (git-fixes). * RDMA/mana_ib: UD/GSI work requests (git-fixes). * RDMA/mana_ib: Use num_comp_vectors of ib_device (git-fixes). * RDMA/mana_ib: Use safer allocation function() (bsc#1251135). * RDMA/mana_ib: Use struct mana_ib_queue for CQs (git-fixes). * RDMA/mana_ib: Use struct mana_ib_queue for RAW QPs (git-fixes). * RDMA/mana_ib: Use struct mana_ib_queue for WQs (git-fixes). * RDMA/mana_ib: add additional port counters (bsc#1251135). * RDMA/mana_ib: add support of multiple ports (bsc#1251135). * RDMA/mana_ib: check cqe length for kernel CQs (git-fixes). * RDMA/mana_ib: create EQs for RNIC CQs (git-fixes). * RDMA/mana_ib: create and destroy RNIC cqs (git-fixes). * RDMA/mana_ib: create kernel-level CQs (git-fixes). * RDMA/mana_ib: create/destroy AH (git-fixes). * RDMA/mana_ib: extend mana QP table (git-fixes). * RDMA/mana_ib: extend query device (git-fixes). *RDMA/mana_ib: helpers to allocate kernel queues (git-fixes). * RDMA/mana_ib: implement get_dma_mr (git-fixes). * RDMA/mana_ib: implement req_notify_cq (git-fixes). * RDMA/mana_ib: implement uapi for creation of rnic cq (git-fixes). * RDMA/mana_ib: indicate CM support (git-fixes). * RDMA/mana_ib: introduce a helper to remove cq callbacks (git-fixes). * RDMA/mana_ib: polling of CQs for GSI/UD (git-fixes). * RDMA/mana_ib: remove useless return values from dbg prints (git-fixes). * RDMA/mana_ib: request error CQEs when supported (git-fixes). * RDMA/mana_ib: set node_guid (git-fixes). * RDMA/mana_ib: support of the zero based MRs (bsc#1251135). * RDMA/mana_ib: unify mana_ib functions to support any gdma device (git- fixes). * Remove "scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans)" changes (bsc#1257506). * Revert "drm/i915/display: Add quirk to skip retraining of dp link" (bsc#1253129). * Revert "drm: Fix use-after-free on framebuffers and property blobs when calling drm_dev_unplug" (git-fixes). * USB: add QUIRK_NO_BOS for video capture several devices (stable-fixes). * USB: core: Limit the length of unkillable synchronous timeouts (git-fixes). * USB: dummy-hcd: Fix interrupt synchronization error (git-fixes). * USB: dummy-hcd: Fix locking/synchronization error (git-fixes). * USB: ezcap401 needs USB_QUIRK_NO_BOS to function on 10gbs usb speed (stable- fixes). * USB: serial: f81232: fix incomplete serial port generation (stable-fixes). * USB: usbcore: Introduce usb_bulk_msg_killable() (git-fixes). * USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts (git- fixes). * accel/qaic: Handle DBC deactivation if the owner went away (git-fixes). * bonding: do not set usable_slaves for broadcast mode (git-fixes). * btrfs: fix zero size inode with non-zero size after log replay (git-fixes). * btrfs: log new dentries when logging parent dir of a conflicting inode (git- fixes). * btrfs: tracepoints: get correctsuperblock from dentry in event btrfs_sync_file() (bsc#1257777). * can: gw: fix OOB heap access in cgw_csum_crc8_rel() (git-fixes). * can: isotp: fix tx.buf use-after-free in isotp_sendmsg() (git-fixes). * cifs: Fix locking usage for tcon fields (git-fixes). * cifs: force interface update before a fresh session setup (git-fixes). * cifs: make default value of retrans as zero (git-fixes). * cifs: some missing initializations on replay (git-fixes). * comedi: Reinit dev-> spinlock between attachments to low-level drivers (git- fixes). * comedi: me4000: Fix potential overrun of firmware buffer (git-fixes). * comedi: me_daq: Fix potential overrun of firmware buffer (git-fixes). * comedi: ni_atmio16d: Fix invalid clean-up after failed attach (git-fixes). * cpufreq/amd-pstate: Remove the redundant verify() function (bsc#1252803). * cpufreq/amd-pstate: Set the initial min_freq to lowest_nonlinear_freq (bsc#1252803). * crypto: af-alg - fix NULL pointer dereference in scatterwalk (git-fixes). * crypto: caam - fix DMA corruption on long hmac keys (git-fixes). * crypto: caam - fix overflow on long hmac keys (git-fixes). * dmaengine: idxd: Fix freeing the allocated ida too late (git-fixes). * dmaengine: idxd: Fix leaking event log memory (git-fixes). * dmaengine: idxd: Fix memory leak when a wq is reset (git-fixes). * dmaengine: idxd: Fix not releasing workqueue on .release() (git-fixes). * dmaengine: idxd: Remove usage of the deprecated ida_simple_xx() API (stable- fixes). * dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (git-fixes). * dmaengine: sh: rz-dmac: Move CHCTRL updates under spinlock (git-fixes). * dmaengine: sh: rz-dmac: Protect the driver specific lists (git-fixes). * dmaengine: xilinx: xdma: Fix regmap init error handling (git-fixes). * dmaengine: xilinx: xilinx_dma: Fix dma_device directions (git-fixes). * dmaengine: xilinx: xilinx_dma: Fix residue calculation for cyclic DMA (git- fixes). * dmaengine:xilinx: xilinx_dma: Fix unmasked residue subtraction (git-fixes). * drm/amd/display: Add pixel_clock to amd_pp_display_configuration (stable- fixes). * drm/amd/display: Do not skip unrelated mode changes in DSC validation (git- fixes). * drm/amd/display: Fallback to boot snapshot for dispclk (stable-fixes). * drm/amd/display: Fix DisplayID not-found handling in parse_edid_displayid_vrr() (git-fixes). * drm/amd/display: Wrap dcn32_override_min_req_memclk() in DC_FP_{START, END} (git-fixes). * drm/amd/pm: add missing od setting PP_OD_FEATURE_ZERO_FAN_BIT for smu v14 (git-fixes). * drm/amd/pm: remove invalid gpu_metrics.energy_accumulator on smu v13.0.x (stable-fixes). * drm/amd: Set num IP blocks to 0 if discovery fails (stable-fixes). * drm/amd: fix dcn 2.01 check (git-fixes). * drm/amdgpu/gmc9.0: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub2.0: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub2.3: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub3.0.1: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub3.0.2: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub3.0: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub4.1.0: add bounds checking for cid (stable-fixes). * drm/amdgpu/vcn5: Add SMU dpm interface type (stable-fixes). * drm/amdgpu: Change AMDGPU_VA_RESERVED_TRAP_SIZE to 64KB (git-fixes). * drm/amdgpu: Fix fence put before wait in amdgpu_amdkfd_submit_ib (git- fixes). * drm/amdgpu: Fix kernel-doc comments for some LUT properties (git-fixes). * drm/amdgpu: Fix use-after-free race in VM acquire (stable-fixes). * drm/amdgpu: apply state adjust rules to some additional HAINAN vairants (stable-fixes). * drm/amdgpu: fix gpu idle power consumption issue for gfx v12 (stable-fixes). * drm/amdgpu: keep vga memory on MacBooks with switchable graphics (stable- fixes). * drm/amdgpu: prevent immediate PASID reuse case (stable-fixes). * drm/amdkfd: Unreservebo if queue update failed (git-fixes). * drm/ast: dp501: Fix initialization of SCU2C (git-fixes). * drm/bridge: ti-sn65dsi83: fix CHA_DSI_CLK_RANGE rounding (git-fixes). * drm/bridge: ti-sn65dsi86: Add support for DisplayPort mode with HPD (stable- fixes). * drm/exynos/vidi: Remove redundant error handling in vidi_get_modes() (stable-fixes). * drm/exynos: vidi: fix to avoid directly dereferencing user pointer (stable- fixes). * drm/exynos: vidi: use ctx-> lock to protect struct vidi_context member variables related to memory alloc/free (stable-fixes). * drm/i915/display: Add module param to skip retraining of dp link (bsc#1253129). * drm/i915/dp: Use crtc_state-> enhanced_framing properly on ivb/hsw CPU eDP (git-fixes). * drm/i915/dp_tunnel: Fix error handling when clearing stream BW in atomic state (git-fixes). * drm/i915/dsc: Add Selective Update register definitions (stable-fixes). * drm/i915/dsc: Add helper for writing DSC Selective Update ET parameters (stable-fixes). * drm/i915/dsi: Do not do DSC horizontal timing adjustments in command mode (git-fixes). * drm/i915/gmbus: fix spurious timeout on 512-byte burst reads (git-fixes). * drm/i915/gt: Check set_default_submission() before deferencing (git-fixes). * drm/imagination: Fix deadlock in soft reset sequence (git-fixes). * drm/ioc32: stop speculation on the drm_compat_ioctl path (git-fixes). * drm/msm/dsi: Document DSC related pclk_rate and hdisplay calculations (stable-fixes). * drm/msm/dsi: fix hdisplay calculation when programming dsi registers (git- fixes). * drm/msm/dsi: fix pclk rate calculation for bonded dsi (git-fixes). * drm/msm: Fix dma_free_attrs() buffer size (git-fixes). * drm/radeon: apply state adjust rules to some additional HAINAN vairants (stable-fixes). * drm/ttm/tests: Fix build failure on PREEMPT_RT (stable-fixes). * drm/xe/oa: Allow reading after disabling OA stream (git-fixes). * drm/xe/reg_sr: Fix leak on xa_store failure (git-fixes). * drm/xe: Do not preempt fence signaling CS instructions (git-fixes). * drm/xe: Open-code GGTT MMIO access protection (git-fixes). * drm: Fix use-after-free on framebuffers and property blobs when calling drm_dev_unplug (git-fixes). * firmware: arm_scpi: Fix device_node reference leak in probe path (git- fixes). * gpio: mxc: map Both Edge pad wakeup to Rising Edge (git-fixes). * hv/hv_kvp_daemon: Handle IPv4 and Ipv6 combination for keyfile format (git- fixes). * hv/hv_kvp_daemon: Pass NIC name to hv_get_dns_info as well (git-fixes). * hwmon: (adm1177) fix sysfs ABI violation and current unit conversion (git- fixes). * hwmon: (axi-fan-control) Make use of dev_err_probe() (stable-fixes). * hwmon: (axi-fan-control) Use device firmware agnostic API (stable-fixes). * hwmon: (occ) Fix division by zero in occ_show_power_1() (git-fixes). * hwmon: (occ) Fix missing newline in occ_show_extended() (git-fixes). * hwmon: (peci/cputemp) Fix crit_hyst returning delta instead of absolute temperature (git-fixes). * hwmon: (peci/cputemp) Fix off-by-one in cputemp_is_visible() (git-fixes). * hwmon: (pmbus/isl68137) Add mutex protection for AVS enable sysfs attributes (git-fixes). * hwmon: (pmbus/isl68137) Fix unchecked return value and use sysfs_emit() (git-fixes). * hwmon: (pxe1610) Check return value of page-select write in probe (git- fixes). * hwmon: (tps53679) Fix device ID comparison and printing in tps53676_identify() (git-fixes). * hwmon: axi-fan: do not use driver_override as IRQ name (git-fixes). * i2c: cp2615: fix serial string NULL-deref at probe (git-fixes). * i2c: cp2615: replace deprecated strncpy with strscpy (stable-fixes). * i2c: fsi: Fix a potential leak in fsi_i2c_probe() (git-fixes). * i2c: pxa: defer reset on Armada 3700 when recovery is used (git-fixes). * idpf: nullify pointers after they are freed (git-fixes). * iio: accel: fix ADXL355 temperature signature value (git-fixes). * iio: adc: ti-adc161s626: fix buffer read onbig-endian (git-fixes). * iio: chemical: bme680: Fix measurement wait duration calculation (git- fixes). * iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas() (git- fixes). * iio: chemical: sps30_serial: fix buffer size in sps30_serial_read_meas() (git-fixes). * iio: dac: ad5770r: fix error return in ad5770r_read_raw() (git-fixes). * iio: dac: ds4424: reject -128 RAW value (git-fixes). * iio: frequency: adf4377: Fix duplicated soft reset mask (git-fixes). * iio: gyro: mpu3050-core: fix pm_runtime error handling (git-fixes). * iio: gyro: mpu3050-i2c: fix pm_runtime error handling (git-fixes). * iio: gyro: mpu3050: Fix incorrect free_irq() variable (git-fixes). * iio: gyro: mpu3050: Fix irq resource leak (git-fixes). * iio: gyro: mpu3050: Fix out-of-sequence free_irq() (git-fixes). * iio: gyro: mpu3050: Move iio_device_register() to correct location (git- fixes). * iio: imu: bmi160: Remove potential undefined behavior in bmi160_config_pin() (git-fixes). * iio: imu: bno055: fix BNO055_SCAN_CH_COUNT off by one (git-fixes). * iio: imu: inv_icm42600: fix odr switch to the same value (git-fixes). * iio: imu: st_lsm6dsx: Set FIFO ODR for accelerometer and gyroscope only (git-fixes). * iio: light: vcnl4035: fix scan buffer on big-endian (git-fixes). * iio: potentiometer: mcp4131: fix double application of wiper shift (git- fixes). * irqchip/qcom-mpm: Add missing mailbox TX done acknowledgment (git-fixes). * mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations (stable-fixes). * media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (git- fixes). * media: tegra-video: Use accessors for pad config 'try_*' fields (stable- fixes). * mfd: omap-usb-host: Convert to platform remove callback returning void (stable-fixes). * mfd: omap-usb-host: Fix OF populate on driver rebind (git-fixes). * mfd: qcom-pm8xxx: Convert to platform remove callback returning void (stable-fixes). * mfd:qcom-pm8xxx: Fix OF populate on driver rebind (git-fixes). * misc: fastrpc: possible double-free of cctx-> remote_heap (git-fixes). * mmc: sdhci-pci-gli: fix GL9750 DMA write corruption (git-fixes). * mmc: sdhci: fix timing selection for 1-bit bus width (git-fixes). * mtd: Avoid boot crash in RedBoot partition table parser (git-fixes). * mtd: rawnand: brcmnand: skip DMA during panic write (git-fixes). * mtd: rawnand: cadence: Fix error check for dma_alloc_coherent() in cadence_nand_init() (git-fixes). * mtd: rawnand: pl353: make sure optimal timings are applied (git-fixes). * mtd: rawnand: serialize lock/unlock against other NAND operations (git- fixes). * mtd: spi-nor: core: avoid odd length/address reads on 8D-8D-8D mode (stable- fixes). * mtd: spi-nor: core: avoid odd length/address writes in 8D-8D-8D mode (stable-fixes). * net/mana: Null service_wq on setup error to prevent double destroy (git- fix). * net/mana: Null service_wq on setup error to prevent double destroy (git- fixes). * net/mlx5: Fix crash when moving to switchdev mode (git-fixes). * net/rose: fix NULL pointer dereference in rose_transmit_link on reconnect (git-fixes). * net/x25: Fix overflow when accumulating packets (git-fixes). * net/x25: Fix potential double free of skb (git-fixes). * net: mana: Add metadata support for xdp mode (git-fixes). * net: mana: Add standard counter rx_missed_errors (git-fixes). * net: mana: Add support for auxiliary device servicing events (bsc#1251971). * net: mana: Change the function signature of mana_get_primary_netdev_rcu (bsc#1256690). * net: mana: Drop TX skb on post_work_request failure and unmap resources (git-fixes). * net: mana: Fix double destroy_workqueue on service rescan PCI path (git- fixes). * net: mana: Fix use-after-free in reset service rescan path (git-fixes). * net: mana: Fix warnings for missing export.h header inclusion (git-fixes). * net: mana: Handle Reset Request from MANA NIC (bsc#1245728bsc#1251971). * net: mana: Handle SKB if TX SGEs exceed hardware limit (git-fixes). * net: mana: Handle hardware recovery events when probing the device (bsc#1257466). * net: mana: Handle unsupported HWC commands (git-fixes). * net: mana: Implement ndo_tx_timeout and serialize queue resets per port (bsc#1257472). * net: mana: Move hardware counter stats from per-port to per-VF context (git- fixes). * net: mana: Probe rdma device in mana driver (git-fixes). * net: mana: Reduce waiting time if HWC not responding (bsc#1252266). * net: mana: Ring doorbell at 4 CQ wraparounds (git-fixes). * net: mana: Support HW link state events (bsc#1253049). * net: mana: Trigger VF reset/recovery on health check failure due to HWC timeout (bsc#1259580). * net: mana: Use mana_cleanup_port_context() for rxq cleanup (git-fixes). * net: mana: fix spelling for mana_gd_deregiser_irq() (git-fixes). * net: mana: fix use-after-free in add_adev() error path (git-fixes). * net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown (git-fixes). * net: mana: use ethtool string helpers (git-fixes). * net: usb: aqc111: Do not perform PM inside suspend callback (git-fixes). * net: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check (git-fixes). * net: usb: cdc_ncm: add ndpoffset to NDP32 nframes bounds check (git-fixes). * net: usb: pegasus: validate USB endpoints (stable-fixes). * nfc: nci: fix circular locking dependency in nci_close_device (git-fixes). * nvme: add support for dynamic quirk configuration via module parameter (bsc#1243208). * nvme: expose active quirks in sysfs (bsc#1243208). Refresh: * nvme: fix memory leak in quirks_param_set() (bsc#1243208). * phy: ti: j721e-wiz: Fix device node reference leak in wiz_get_lane_phy_types() (git-fixes). * pinctrl: equilibrium: fix warning trace on load (git-fixes). * pinctrl: equilibrium: rename irq_chip function callbacks (stable-fixes). * pinctrl: mediatek: common: Fix probe failurefor devices without EINT (git- fixes). * pinctrl: qcom: spmi-gpio: implement .get_direction() (git-fixes). * platform/olpc: olpc-xo175-ec: Fix overflow error message to print inlen (git-fixes). * platform/x86: ISST: Correct locked bit width (git-fixes). * platform/x86: dell-wmi: Add audio/mic mute key codes (stable-fixes). * platform/x86: intel-hid: Add Dell 14 Plus 2-in-1 to dmi_vgbs_allow_list (stable-fixes). * platform/x86: intel-hid: Enable 5-button array on ThinkPad X1 Fold 16 Gen 1 (stable-fixes). * platform/x86: touchscreen_dmi: Add quirk for y-inverted Goodix touchscreen on SUPI S10 (stable-fixes). * regmap: Synchronize cache for the page selector (git-fixes). * regulator: pca9450: Correct interrupt type (git-fixes). * regulator: pca9450: Make IRQ optional (stable-fixes). * s390/debug: Pass in and enforce output buffer size for format handlers (jsc#PED-15582). * scsi: hisi_sas: Fix NULL pointer exception during user_scan() (bsc#1255687). * scsi: scsi_transport_sas: Fix the maximum channel scanning issue (bsc#1255687, git-fixes). * scsi: storvsc: Remove redundant ternary operators (git-fixes). * serial: 8250: Add late synchronize_irq() to shutdown to handle DW UART BUSY (git-fixes). * serial: 8250: Fix TX deadlock when using DMA (git-fixes). * serial: 8250_pci: add support for the AX99100 (stable-fixes). * serial: uartlite: fix PM runtime usage count underflow on probe (git-fixes). * smb: client: add proper locking around ses-> iface_last_update (git-fixes). * smb: client: fix broken multichannel with krb5+signing (git-fixes). * smb: client: fix cifs_pick_channel when channels are equally loaded (git- fixes). * smb: client: fix in-place encryption corruption in SMB2_write() (git-fixes). * smb: client: fix krb5 mount with username option (git-fixes). * smb: client: prevent races in -> query_interfaces() (git-fixes). * soc: aspeed: socinfo: Mask table entries for accurate SoC ID matching (git- fixes). * soc: fsl:qbman: fix race condition in qman_destroy_fq (git-fixes). * spi: fix statistics allocation (git-fixes). * spi: fix use-after-free on controller registration failure (git-fixes). * spi: spi-fsl-lpspi: fix teardown order issue (UAF) (git-fixes). * staging: rtl8723bs: properly validate the data in rtw_get_ie_ex() (stable- fixes). * thunderbolt: Fix property read in nhi_wake_supported() (git-fixes). * tools/hv: add a .gitignore file (git-fixes). * tools/hv: reduce resouce usage in hv_get_dns_info helper (git-fixes). * tools/hv: reduce resource usage in hv_kvp_daemon (git-fixes). * tools: hv: Enable debug logs for hv_kvp_daemon (git-fixes). * tools: hv: lsvmbus: change shebang to use python3 (git-fixes). * usb/core/quirks: Add Huawei ME906S-device to wakeup quirk (stable-fixes). * usb: cdc-acm: Restore CAP_BRK functionnality to CH343 (git-fixes). * usb: cdns3: call cdns_power_is_lost() only once in cdns_resume() (stable- fixes). * usb: cdns3: fix role switching during resume (git-fixes). * usb: cdns3: gadget: fix NULL pointer dereference in ep_queue (git-fixes). * usb: cdns3: gadget: fix state inconsistency on gadget init failure (git- fixes). * usb: cdns3: remove redundant if branch (stable-fixes). * usb: class: cdc-wdm: fix reordering issue in read code path (git-fixes). * usb: core: do not power off roothub PHYs if phy_set_mode() fails (git- fixes). * usb: core: new quirk to handle devices with zero configurations (stable- fixes). * usb: core: phy: avoid double use of 'usb3-phy' (git-fixes). * usb: dwc2: gadget: Fix spin_lock/unlock mismatch in dwc2_hsotg_udc_stop() (git-fixes). * usb: dwc3: pci: add support for the Intel Nova Lake -H (stable-fixes). * usb: ehci-brcm: fix sleep during atomic (git-fixes). * usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks() (git-fixes). * usb: gadget: f_rndis: Protect RNDIS options with mutex (git-fixes). * usb: gadget: f_subset: Fix unbalanced refcnt ingeth_free (git-fixes). * usb: gadget: u_ether: Fix race between gether_disconnect and eth_stop (git- fixes). * usb: gadget: uvc: fix NULL pointer dereference during unbind race (git- fixes). * usb: image: mdc800: kill download URB on timeout (stable-fixes). * usb: mdc800: handle signal and read racing (stable-fixes). * usb: misc: uss720: properly clean up reference in uss720_probe() (stable- fixes). * usb: renesas_usbhs: fix use-after-free in ISR during device removal (git- fixes). * usb: roles: get usb role switch from parent only for usb-b-connector (git- fixes). * usb: ulpi: fix double free in ulpi_register_interface() error path (git- fixes). * usb: usbtmc: Flush anchored URBs in usbtmc_release (git-fixes). * usb: xhci: Fix memory leak in xhci_disable_slot() (git-fixes). * usb: xhci: Prevent interrupt storm on host controller error (HCE) (stable- fixes). * usb: yurex: fix race in probe (stable-fixes). * vhost: fix caching attributes of MMIO regions by setting them explicitly (git-fixes). * vmw_vsock: bypass false-positive Wnonnull warning with gcc-16 (git-fixes). * watchdog/perf: properly initialize the turbo mode timestamp and rearm counter (bsc#1256504). * wifi: ath11k: Pass the correct value of each TID during a stop AMPDU session (git-fixes). * wifi: cfg80211: cancel pmsr_free_wk in cfg80211_pmsr_wdev_down (git-fixes). * wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl_mvm_nd_match_info_handler() (git-fixes). * wifi: mac80211: Fix static_branch_dec() underflow for aql_disable (git- fixes). * wifi: mac80211: fix NULL deref in mesh_matches_local() (git-fixes). * wifi: mac80211: set default WMM parameters on all links (stable-fixes). * wifi: wilc1000: fix u8 overflow in SSID scan buffer size calculation (git- fixes). * wifi: wlcore: Return -ENOMEM instead of -EAGAIN if there is not enough headroom (git-fixes). * x86/platform/uv: Handle deconfigured sockets (bsc#1260347). * xen/privcmd:unregister xenstore notifier on module exit (git-fixes). * xenbus: Use .freeze/.thaw to handle xenbus devices (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1573=1 * SUSE Real Time Module 15-SP7 zypper in -t patch SUSE-SLE-Module-RT-15-SP7-2026-1573=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-SLE15-SP7-RT_Update_11-debugsource-1-150700.1.3.1 * kernel-livepatch-6_4_0-150700_7_37-rt-1-150700.1.3.1 * kernel-livepatch-6_4_0-150700_7_37-rt-debuginfo-1-150700.1.3.1 * SUSE Real Time Module 15-SP7 (x86_64) * dlm-kmp-rt-6.4.0-150700.7.37.2 * dlm-kmp-rt-debuginfo-6.4.0-150700.7.37.2 * kernel-syms-rt-6.4.0-150700.7.37.1 * cluster-md-kmp-rt-debuginfo-6.4.0-150700.7.37.2 * kernel-rt-devel-debuginfo-6.4.0-150700.7.37.2 * kernel-rt-devel-6.4.0-150700.7.37.2 * ocfs2-kmp-rt-6.4.0-150700.7.37.2 * kernel-rt-debugsource-6.4.0-150700.7.37.2 * ocfs2-kmp-rt-debuginfo-6.4.0-150700.7.37.2 * cluster-md-kmp-rt-6.4.0-150700.7.37.2 * gfs2-kmp-rt-6.4.0-150700.7.37.2 * kernel-rt-debuginfo-6.4.0-150700.7.37.2 * gfs2-kmp-rt-debuginfo-6.4.0-150700.7.37.2 * SUSE Real Time Module 15-SP7 (noarch) * kernel-devel-rt-6.4.0-150700.7.37.2 * kernel-source-rt-6.4.0-150700.7.37.2 * SUSE Real Time Module 15-SP7 (nosrc x86_64) * kernel-rt-6.4.0-150700.7.37.2 ## References: * https://www.suse.com/security/cve/CVE-2024-38542.html * https://www.suse.com/security/cve/CVE-2025-39998.html * https://www.suse.com/security/cve/CVE-2025-68794.html * https://www.suse.com/security/cve/CVE-2025-71231.html *https://www.suse.com/security/cve/CVE-2025-71268.html * https://www.suse.com/security/cve/CVE-2025-71269.html * https://www.suse.com/security/cve/CVE-2026-23030.html * https://www.suse.com/security/cve/CVE-2026-23047.html * https://www.suse.com/security/cve/CVE-2026-23103.html * https://www.suse.com/security/cve/CVE-2026-23120.html * https://www.suse.com/security/cve/CVE-2026-23136.html * https://www.suse.com/security/cve/CVE-2026-23140.html * https://www.suse.com/security/cve/CVE-2026-23187.html * https://www.suse.com/security/cve/CVE-2026-23193.html * https://www.suse.com/security/cve/CVE-2026-23201.html * https://www.suse.com/security/cve/CVE-2026-23215.html * https://www.suse.com/security/cve/CVE-2026-23216.html * https://www.suse.com/security/cve/CVE-2026-23231.html * https://www.suse.com/security/cve/CVE-2026-23242.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23255.html * https://www.suse.com/security/cve/CVE-2026-23259.html * https://www.suse.com/security/cve/CVE-2026-23270.html * https://www.suse.com/security/cve/CVE-2026-23272.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23277.html * https://www.suse.com/security/cve/CVE-2026-23278.html * https://www.suse.com/security/cve/CVE-2026-23281.html * https://www.suse.com/security/cve/CVE-2026-23292.html * https://www.suse.com/security/cve/CVE-2026-23293.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-23319.html * https://www.suse.com/security/cve/CVE-2026-23361.html * https://www.suse.com/security/cve/CVE-2026-23379.html * https://www.suse.com/security/cve/CVE-2026-23381.html * https://www.suse.com/security/cve/CVE-2026-23386.html * https://www.suse.com/security/cve/CVE-2026-23398.html * https://www.suse.com/security/cve/CVE-2026-23413.html * https://www.suse.com/security/cve/CVE-2026-23414.html *https://www.suse.com/security/cve/CVE-2026-31788.html * https://bugzilla.suse.com/show_bug.cgi?id=1226591 * https://bugzilla.suse.com/show_bug.cgi?id=1243208 * https://bugzilla.suse.com/show_bug.cgi?id=1245728 * https://bugzilla.suse.com/show_bug.cgi?id=1251135 * https://bugzilla.suse.com/show_bug.cgi?id=1251971 * https://bugzilla.suse.com/show_bug.cgi?id=1252073 * https://bugzilla.suse.com/show_bug.cgi?id=1252266 * https://bugzilla.suse.com/show_bug.cgi?id=1252803 * https://bugzilla.suse.com/show_bug.cgi?id=1253049 * https://bugzilla.suse.com/show_bug.cgi?id=1253129 * https://bugzilla.suse.com/show_bug.cgi?id=1255687 * https://bugzilla.suse.com/show_bug.cgi?id=1256504 * https://bugzilla.suse.com/show_bug.cgi?id=1256647 * https://bugzilla.suse.com/show_bug.cgi?id=1256690 * https://bugzilla.suse.com/show_bug.cgi?id=1257466 * https://bugzilla.suse.com/show_bug.cgi?id=1257472 * https://bugzilla.suse.com/show_bug.cgi?id=1257506 * https://bugzilla.suse.com/show_bug.cgi?id=1257561 * https://bugzilla.suse.com/show_bug.cgi?id=1257682 * https://bugzilla.suse.com/show_bug.cgi?id=1257773 * https://bugzilla.suse.com/show_bug.cgi?id=1257777 * https://bugzilla.suse.com/show_bug.cgi?id=1258280 * https://bugzilla.suse.com/show_bug.cgi?id=1258303 * https://bugzilla.suse.com/show_bug.cgi?id=1258305 * https://bugzilla.suse.com/show_bug.cgi?id=1258330 * https://bugzilla.suse.com/show_bug.cgi?id=1258337 * https://bugzilla.suse.com/show_bug.cgi?id=1258414 * https://bugzilla.suse.com/show_bug.cgi?id=1258424 * https://bugzilla.suse.com/show_bug.cgi?id=1258447 * https://bugzilla.suse.com/show_bug.cgi?id=1258476 * https://bugzilla.suse.com/show_bug.cgi?id=1259188 * https://bugzilla.suse.com/show_bug.cgi?id=1259580 * https://bugzilla.suse.com/show_bug.cgi?id=1259707 * https://bugzilla.suse.com/show_bug.cgi?id=1259795 * https://bugzilla.suse.com/show_bug.cgi?id=1259797 * https://bugzilla.suse.com/show_bug.cgi?id=1259865 *https://bugzilla.suse.com/show_bug.cgi?id=1259866 * https://bugzilla.suse.com/show_bug.cgi?id=1259886 * https://bugzilla.suse.com/show_bug.cgi?id=1259889 * https://bugzilla.suse.com/show_bug.cgi?id=1259891 * https://bugzilla.suse.com/show_bug.cgi?id=1259997 * https://bugzilla.suse.com/show_bug.cgi?id=1259998 * https://bugzilla.suse.com/show_bug.cgi?id=1260005 * https://bugzilla.suse.com/show_bug.cgi?id=1260009 * https://bugzilla.suse.com/show_bug.cgi?id=1260347 * https://bugzilla.suse.com/show_bug.cgi?id=1260464 * https://bugzilla.suse.com/show_bug.cgi?id=1260471 * https://bugzilla.suse.com/show_bug.cgi?id=1260481 * https://bugzilla.suse.com/show_bug.cgi?id=1260486 * https://bugzilla.suse.com/show_bug.cgi?id=1260500 * https://bugzilla.suse.com/show_bug.cgi?id=1260562 * https://bugzilla.suse.com/show_bug.cgi?id=1260730 * https://bugzilla.suse.com/show_bug.cgi?id=1260732 * https://bugzilla.suse.com/show_bug.cgi?id=1260735 * https://bugzilla.suse.com/show_bug.cgi?id=1260799 * https://bugzilla.suse.com/show_bug.cgi?id=1261496 * https://bugzilla.suse.com/show_bug.cgi?id=1261498 * https://jira.suse.com/browse/PED-15582 . SUSE 2026-1573-1 addresses 40 vulnerabilities in the kernel, enhancing overall system security.. SUSE Kernel Security System Updates Buffer Overflow Fixes. . Severity: Important. LinuxSecurity.com Team
An update that solves six vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5) Announcement ID: SUSE-SU-2026:1248-1 Release Date: 2026-04-10T11:04:25Z Rating: important References: * bsc#1252036 * bsc#1252689 * bsc#1256780 * bsc#1257238 * bsc#1258051 * bsc#1258784 Cross-References: * CVE-2025-39973 * CVE-2025-40018 * CVE-2025-71120 * CVE-2026-22999 * CVE-2026-23074 * CVE-2026-23209 CVSS scores: * CVE-2025-39973 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39973 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-40018 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40018 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71120 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71120 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-22999 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-22999 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-22999 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23074 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23074 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23209 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23209 ( NVD ): 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.113 fixes various security issues The following security issues were fixed: * CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036). * CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689). * CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256780). * CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257238). * CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1258051). * CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258784). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-1246=1 SUSE-2026-1248=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-1246=1 SUSE-SLE- Module-Live-Patching-15-SP5-2026-1248=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_28-debugsource-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-14-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_29-debugsource-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-12-150500.2.1 *kernel-livepatch-5_14_21-150500_55_113-default-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_116-default-12-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_28-debugsource-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_116-default-12-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x) * kernel-livepatch-SLE15-SP5_Update_29-debugsource-12-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39973.html * https://www.suse.com/security/cve/CVE-2025-40018.html * https://www.suse.com/security/cve/CVE-2025-71120.html * https://www.suse.com/security/cve/CVE-2026-22999.html * https://www.suse.com/security/cve/CVE-2026-23074.html * https://www.suse.com/security/cve/CVE-2026-23209.html * https://bugzilla.suse.com/show_bug.cgi?id=1252036 * https://bugzilla.suse.com/show_bug.cgi?id=1252689 * https://bugzilla.suse.com/show_bug.cgi?id=1256780 * https://bugzilla.suse.com/show_bug.cgi?id=1257238 * https://bugzilla.suse.com/show_bug.cgi?id=1258051 * https://bugzilla.suse.com/show_bug.cgi?id=1258784 . Update for SUSE Linux Kernel resolves six important security issues; apply as needed for system protection.. SUSE Linux, Kernel Update, Security Patch, Live Patching, System Security. . Severity: Important. LinuxSecurity.com Team
An update that solves one vulnerability and has one security fix can now be installed.. # Security update for strongswan Announcement ID: SUSE-SU-2026:0978-1 Release Date: 2026-03-23T16:46:25Z Rating: important References: * bsc#1256442 * bsc#1259472 Cross-References: * CVE-2026-25075 CVSS scores: * CVE-2026-25075 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-25075 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25075 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-25075 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for strongswan fixes the following issues: * CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP (bsc#1259472). Other bug fixes: -Fix rpm scripts to not break swanctl.conf use (bsc#1256442): * Guard rpm migration scripts migrating strongswan.service using ipsec.conf on less than 5.8 to strongswan-starter.service by checking the ipsec.service alias provider. * Call systemd macros for both, strongswan-starter and the strongswan service. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-978=1 *SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-978=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-978=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-978=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-978=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * strongswan-debugsource-5.9.11-150500.5.14.1 * strongswan-5.9.11-150500.5.14.1 * strongswan-nm-5.9.11-150500.5.14.1 * strongswan-ipsec-5.9.11-150500.5.14.1 * strongswan-libs0-debuginfo-5.9.11-150500.5.14.1 * strongswan-libs0-5.9.11-150500.5.14.1 * strongswan-sqlite-5.9.11-150500.5.14.1 * strongswan-mysql-5.9.11-150500.5.14.1 * strongswan-debuginfo-5.9.11-150500.5.14.1 * strongswan-ipsec-debuginfo-5.9.11-150500.5.14.1 * strongswan-nm-debuginfo-5.9.11-150500.5.14.1 * strongswan-sqlite-debuginfo-5.9.11-150500.5.14.1 * strongswan-mysql-debuginfo-5.9.11-150500.5.14.1 * strongswan-hmac-5.9.11-150500.5.14.1 * openSUSE Leap 15.5 (noarch) * strongswan-doc-5.9.11-150500.5.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * strongswan-debugsource-5.9.11-150500.5.14.1 * strongswan-5.9.11-150500.5.14.1 * strongswan-ipsec-5.9.11-150500.5.14.1 * strongswan-libs0-debuginfo-5.9.11-150500.5.14.1 * strongswan-libs0-5.9.11-150500.5.14.1 * strongswan-debuginfo-5.9.11-150500.5.14.1 * strongswan-ipsec-debuginfo-5.9.11-150500.5.14.1 * strongswan-hmac-5.9.11-150500.5.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * strongswan-doc-5.9.11-150500.5.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * strongswan-debugsource-5.9.11-150500.5.14.1 * strongswan-5.9.11-150500.5.14.1 * strongswan-ipsec-5.9.11-150500.5.14.1 * strongswan-libs0-debuginfo-5.9.11-150500.5.14.1 * strongswan-libs0-5.9.11-150500.5.14.1 * strongswan-debuginfo-5.9.11-150500.5.14.1 * strongswan-ipsec-debuginfo-5.9.11-150500.5.14.1 * strongswan-hmac-5.9.11-150500.5.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * strongswan-doc-5.9.11-150500.5.14.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * strongswan-debugsource-5.9.11-150500.5.14.1 * strongswan-5.9.11-150500.5.14.1 * strongswan-ipsec-5.9.11-150500.5.14.1 * strongswan-libs0-debuginfo-5.9.11-150500.5.14.1 * strongswan-libs0-5.9.11-150500.5.14.1 * strongswan-debuginfo-5.9.11-150500.5.14.1 * strongswan-ipsec-debuginfo-5.9.11-150500.5.14.1 * strongswan-hmac-5.9.11-150500.5.14.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * strongswan-doc-5.9.11-150500.5.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * strongswan-debugsource-5.9.11-150500.5.14.1 * strongswan-5.9.11-150500.5.14.1 * strongswan-ipsec-5.9.11-150500.5.14.1 * strongswan-libs0-debuginfo-5.9.11-150500.5.14.1 * strongswan-libs0-5.9.11-150500.5.14.1 * strongswan-debuginfo-5.9.11-150500.5.14.1 * strongswan-ipsec-debuginfo-5.9.11-150500.5.14.1 * strongswan-hmac-5.9.11-150500.5.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * strongswan-doc-5.9.11-150500.5.14.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25075.html * https://bugzilla.suse.com/show_bug.cgi?id=1256442 * https://bugzilla.suse.com/show_bug.cgi?id=1259472 . Update available for strongswan fixing critical integer underflow issue. Important patching recommended for systems.. strongswan update, openSUSE security, integer underflow patch, SUSE advisory. . Severity: Important. LinuxSecurity.com Team
An update that solves four vulnerabilities can now be installed.. # Security update for glibc Announcement ID: SUSE-SU-2026:0896-1 Release Date: 2026-03-13T15:25:51Z Rating: important References: * bsc#1246965 * bsc#1256766 * bsc#1256822 * bsc#1257005 Cross-References: * CVE-2025-15281 * CVE-2025-8058 * CVE-2026-0861 * CVE-2026-0915 CVSS scores: * CVE-2025-15281 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-15281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-15281 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-8058 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H * CVE-2025-8058 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H * CVE-2025-8058 ( NVD ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-0861 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-0861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-0861 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-0915 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-0915 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-0915 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for glibc fixes the following issues: * CVE-2026-0861: memalign: reinstate alignment overflow check (bsc#1256766) * CVE-2026-0915: resolv: Fix NSS DNS backend for getnetbyaddr (bsc#1256822) * CVE-2025-15281: posix: Reset wordexp_t fields with WRDE_REUSE (bsc#1257005) * CVE-2025-8058: posix: Fix double-free after allocation failure in regcomp (bsc#1246965) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-896=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-896=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-896=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-896=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-896=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-896=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -tpatch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-896=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-896=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-896=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-896=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-896=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-896=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-896=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-896=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-896=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-896=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-profile-2.31-150300.98.1 * glibc-utils-src-debugsource-2.31-150300.98.1 * glibc-devel-debuginfo-2.31-150300.98.1 * glibc-extra-debuginfo-2.31-150300.98.1 * glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-extra-2.31-150300.98.1 * nscd-debuginfo-2.31-150300.98.1 * glibc-devel-static-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 * glibc-utils-debuginfo-2.31-150300.98.1 * nscd-2.31-150300.98.1 * glibc-utils-2.31-150300.98.1 * glibc-devel-2.31-150300.98.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * glibc-lang-2.31-150300.98.1 * glibc-i18ndata-2.31-150300.98.1 * glibc-info-2.31-150300.98.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * glibc-devel-32bit-2.31-150300.98.1 *glibc-locale-base-32bit-2.31-150300.98.1 * glibc-32bit-debuginfo-2.31-150300.98.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.98.1 * glibc-32bit-2.31-150300.98.1 * glibc-devel-32bit-debuginfo-2.31-150300.98.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-profile-2.31-150300.98.1 * glibc-utils-src-debugsource-2.31-150300.98.1 * glibc-devel-debuginfo-2.31-150300.98.1 * glibc-extra-debuginfo-2.31-150300.98.1 * glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-extra-2.31-150300.98.1 * nscd-debuginfo-2.31-150300.98.1 * glibc-devel-static-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 * glibc-utils-debuginfo-2.31-150300.98.1 * nscd-2.31-150300.98.1 * glibc-utils-2.31-150300.98.1 * glibc-devel-2.31-150300.98.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * glibc-lang-2.31-150300.98.1 * glibc-i18ndata-2.31-150300.98.1 * glibc-info-2.31-150300.98.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * glibc-devel-32bit-2.31-150300.98.1 * glibc-locale-base-32bit-2.31-150300.98.1 * glibc-32bit-debuginfo-2.31-150300.98.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.98.1 * glibc-32bit-2.31-150300.98.1 * glibc-devel-32bit-debuginfo-2.31-150300.98.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-profile-2.31-150300.98.1 * glibc-utils-src-debugsource-2.31-150300.98.1 * glibc-devel-debuginfo-2.31-150300.98.1 * glibc-extra-debuginfo-2.31-150300.98.1 * glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-extra-2.31-150300.98.1 * nscd-debuginfo-2.31-150300.98.1 *glibc-devel-static-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 * glibc-utils-debuginfo-2.31-150300.98.1 * nscd-2.31-150300.98.1 * glibc-utils-2.31-150300.98.1 * glibc-devel-2.31-150300.98.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * glibc-lang-2.31-150300.98.1 * glibc-i18ndata-2.31-150300.98.1 * glibc-info-2.31-150300.98.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * glibc-devel-32bit-2.31-150300.98.1 * glibc-locale-base-32bit-2.31-150300.98.1 * glibc-32bit-debuginfo-2.31-150300.98.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.98.1 * glibc-32bit-2.31-150300.98.1 * glibc-devel-32bit-debuginfo-2.31-150300.98.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-profile-2.31-150300.98.1 * glibc-utils-src-debugsource-2.31-150300.98.1 * glibc-devel-debuginfo-2.31-150300.98.1 * glibc-extra-debuginfo-2.31-150300.98.1 * glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-extra-2.31-150300.98.1 * nscd-debuginfo-2.31-150300.98.1 * glibc-devel-static-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 * glibc-utils-debuginfo-2.31-150300.98.1 * nscd-2.31-150300.98.1 * glibc-utils-2.31-150300.98.1 * glibc-devel-2.31-150300.98.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * glibc-lang-2.31-150300.98.1 * glibc-i18ndata-2.31-150300.98.1 * glibc-info-2.31-150300.98.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * glibc-devel-32bit-2.31-150300.98.1 * glibc-locale-base-32bit-2.31-150300.98.1 * glibc-32bit-debuginfo-2.31-150300.98.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.98.1 * glibc-32bit-2.31-150300.98.1 * glibc-devel-32bit-debuginfo-2.31-150300.98.1 * SUSE LinuxEnterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-profile-2.31-150300.98.1 * glibc-utils-src-debugsource-2.31-150300.98.1 * glibc-devel-debuginfo-2.31-150300.98.1 * glibc-extra-debuginfo-2.31-150300.98.1 * glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-extra-2.31-150300.98.1 * nscd-debuginfo-2.31-150300.98.1 * glibc-devel-static-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 * glibc-utils-debuginfo-2.31-150300.98.1 * nscd-2.31-150300.98.1 * glibc-utils-2.31-150300.98.1 * glibc-devel-2.31-150300.98.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * glibc-lang-2.31-150300.98.1 * glibc-i18ndata-2.31-150300.98.1 * glibc-info-2.31-150300.98.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * glibc-devel-32bit-2.31-150300.98.1 * glibc-locale-base-32bit-2.31-150300.98.1 * glibc-32bit-debuginfo-2.31-150300.98.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.98.1 * glibc-32bit-2.31-150300.98.1 * glibc-devel-32bit-debuginfo-2.31-150300.98.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-profile-2.31-150300.98.1 * glibc-utils-src-debugsource-2.31-150300.98.1 * glibc-devel-debuginfo-2.31-150300.98.1 * glibc-extra-debuginfo-2.31-150300.98.1 * glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-extra-2.31-150300.98.1 * nscd-debuginfo-2.31-150300.98.1 * glibc-devel-static-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 * glibc-utils-debuginfo-2.31-150300.98.1 * nscd-2.31-150300.98.1 * glibc-utils-2.31-150300.98.1 * glibc-devel-2.31-150300.98.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * glibc-lang-2.31-150300.98.1 * glibc-i18ndata-2.31-150300.98.1 * glibc-info-2.31-150300.98.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * glibc-devel-32bit-2.31-150300.98.1 * glibc-locale-base-32bit-2.31-150300.98.1 * glibc-32bit-debuginfo-2.31-150300.98.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.98.1 * glibc-32bit-2.31-150300.98.1 * glibc-devel-32bit-debuginfo-2.31-150300.98.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-profile-2.31-150300.98.1 * glibc-utils-src-debugsource-2.31-150300.98.1 * glibc-devel-debuginfo-2.31-150300.98.1 * glibc-extra-debuginfo-2.31-150300.98.1 * glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-extra-2.31-150300.98.1 * nscd-debuginfo-2.31-150300.98.1 * glibc-devel-static-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 * glibc-utils-debuginfo-2.31-150300.98.1 * nscd-2.31-150300.98.1 * glibc-utils-2.31-150300.98.1 * glibc-devel-2.31-150300.98.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * glibc-lang-2.31-150300.98.1 * glibc-i18ndata-2.31-150300.98.1 * glibc-info-2.31-150300.98.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * glibc-devel-32bit-2.31-150300.98.1 * glibc-locale-base-32bit-2.31-150300.98.1 * glibc-32bit-debuginfo-2.31-150300.98.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.98.1 * glibc-32bit-2.31-150300.98.1 * glibc-devel-32bit-debuginfo-2.31-150300.98.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 *glibc-devel-2.31-150300.98.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 * glibc-devel-2.31-150300.98.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586 i686) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-profile-2.31-150300.98.1 * glibc-devel-debuginfo-2.31-150300.98.1 * glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-devel-static-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 * glibc-devel-2.31-150300.98.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * glibc-utils-src-debugsource-2.31-150300.98.1 * glibc-extra-debuginfo-2.31-150300.98.1 * nscd-debuginfo-2.31-150300.98.1 * nscd-2.31-150300.98.1 * glibc-extra-2.31-150300.98.1 * glibc-utils-debuginfo-2.31-150300.98.1 * glibc-utils-2.31-150300.98.1 * openSUSE Leap 15.3 (noarch) * glibc-html-2.31-150300.98.1 * glibc-lang-2.31-150300.98.1 * glibc-i18ndata-2.31-150300.98.1 * glibc-info-2.31-150300.98.1 * openSUSE Leap 15.3 (x86_64) * glibc-devel-32bit-2.31-150300.98.1 * glibc-locale-base-32bit-2.31-150300.98.1 * glibc-32bit-debuginfo-2.31-150300.98.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.98.1 * glibc-devel-static-32bit-2.31-150300.98.1 * glibc-profile-32bit-2.31-150300.98.1 * glibc-32bit-2.31-150300.98.1 * glibc-devel-32bit-debuginfo-2.31-150300.98.1 * glibc-utils-32bit-2.31-150300.98.1 * glibc-utils-32bit-debuginfo-2.31-150300.98.1 * openSUSE Leap 15.3 (aarch64_ilp32) * glibc-devel-64bit-2.31-150300.98.1 * glibc-64bit-2.31-150300.98.1 * glibc-devel-64bit-debuginfo-2.31-150300.98.1 *glibc-utils-64bit-debuginfo-2.31-150300.98.1 * glibc-utils-64bit-2.31-150300.98.1 * glibc-64bit-debuginfo-2.31-150300.98.1 * glibc-locale-base-64bit-debuginfo-2.31-150300.98.1 * glibc-profile-64bit-2.31-150300.98.1 * glibc-devel-static-64bit-2.31-150300.98.1 * glibc-locale-base-64bit-2.31-150300.98.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-devel-debuginfo-2.31-150300.98.1 * glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 * glibc-devel-2.31-150300.98.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-devel-debuginfo-2.31-150300.98.1 * glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 * glibc-devel-2.31-150300.98.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-devel-debuginfo-2.31-150300.98.1 * glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 * glibc-devel-2.31-150300.98.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-devel-debuginfo-2.31-150300.98.1 * glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 * glibc-devel-2.31-150300.98.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-devel-debuginfo-2.31-150300.98.1 *glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 * glibc-devel-2.31-150300.98.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * glibc-locale-base-debuginfo-2.31-150300.98.1 * glibc-profile-2.31-150300.98.1 * glibc-utils-src-debugsource-2.31-150300.98.1 * glibc-devel-debuginfo-2.31-150300.98.1 * glibc-extra-debuginfo-2.31-150300.98.1 * glibc-locale-base-2.31-150300.98.1 * glibc-2.31-150300.98.1 * glibc-locale-2.31-150300.98.1 * glibc-extra-2.31-150300.98.1 * nscd-debuginfo-2.31-150300.98.1 * glibc-devel-static-2.31-150300.98.1 * glibc-debugsource-2.31-150300.98.1 * glibc-debuginfo-2.31-150300.98.1 * glibc-utils-debuginfo-2.31-150300.98.1 * nscd-2.31-150300.98.1 * glibc-utils-2.31-150300.98.1 * glibc-devel-2.31-150300.98.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * glibc-lang-2.31-150300.98.1 * glibc-i18ndata-2.31-150300.98.1 * glibc-info-2.31-150300.98.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * glibc-devel-32bit-2.31-150300.98.1 * glibc-locale-base-32bit-2.31-150300.98.1 * glibc-32bit-debuginfo-2.31-150300.98.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.98.1 * glibc-32bit-2.31-150300.98.1 * glibc-devel-32bit-debuginfo-2.31-150300.98.1 ## References: * https://www.suse.com/security/cve/CVE-2025-15281.html * https://www.suse.com/security/cve/CVE-2025-8058.html * https://www.suse.com/security/cve/CVE-2026-0861.html * https://www.suse.com/security/cve/CVE-2026-0915.html * https://bugzilla.suse.com/show_bug.cgi?id=1246965 * https://bugzilla.suse.com/show_bug.cgi?id=1256766 * https://bugzilla.suse.com/show_bug.cgi?id=1256822 * https://bugzilla.suse.com/show_bug.cgi?id=1257005 . SUSE updates glibc to address four important issues affecting systemswith openSUSE. Immediate action recommended.. glibc update openSUSE vulnerabilities patch. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-3361 http://linux.oracle.com/errata/ELSA-2026-3361.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-140.8.0-2.0.1.el10_1.x86_64.rpm aarch64: firefox-140.8.0-2.0.1.el10_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/firefox-140.8.0-2.0.1.el10_1.src.rpm Related CVEs: CVE-2026-2447 CVE-2026-2757 CVE-2026-2758 CVE-2026-2759 CVE-2026-2760 CVE-2026-2761 CVE-2026-2762 CVE-2026-2763 CVE-2026-2764 CVE-2026-2765 CVE-2026-2766 CVE-2026-2767 CVE-2026-2768 CVE-2026-2769 CVE-2026-2770 CVE-2026-2771 CVE-2026-2772 CVE-2026-2773 CVE-2026-2774 CVE-2026-2775 CVE-2026-2776 CVE-2026-2777 CVE-2026-2778 CVE-2026-2779 CVE-2026-2780 CVE-2026-2781 CVE-2026-2782 CVE-2026-2783 CVE-2026-2784 CVE-2026-2785 CVE-2026-2786 CVE-2026-2787 CVE-2026-2788 CVE-2026-2789 CVE-2026-2790 CVE-2026-2791 CVE-2026-2792 CVE-2026-2793 Description of changes: [140.8.0-2.0.1] - Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079773] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [140.8.0-2] - Update to 140.8.0 ESR _______________________________________________ El-errata mailing list
An update that solves four vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5) Announcement ID: SUSE-SU-2026:0535-1 Release Date: 2026-02-15T11:04:07Z Rating: important References: * bsc#1249205 * bsc#1249455 * bsc#1249480 * bsc#1250314 Cross-References: * CVE-2023-53321 * CVE-2025-38111 * CVE-2025-38352 * CVE-2025-39742 CVSS scores: * CVE-2023-53321 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-53321 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-53321 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-53321 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-38111 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38111 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38111 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-38352 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38352 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38352 ( NVD ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39742 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39742 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39742 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel5.14.21-150500.55.113 fixes various security issues The following security issues were fixed: * CVE-2023-53321: wifi: mac80211_hwsim: drop short frames (bsc#1250314). * CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455). * CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205). * CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-538=1 SUSE-2026-535=1 SUSE-2026-536=1 SUSE-2026-537=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-538=1 SUSE-SLE- Module-Live-Patching-15-SP5-2026-535=1 SUSE-SLE-Module-Live- Patching-15-SP5-2026-536=1 SUSE-SLE-Module-Live-Patching-15-SP5-2026-537=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_23-debugsource-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_100-default-13-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_28-debugsource-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_94-default-14-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_22-debugsource-18-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_25-debugsource-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_100-default-debuginfo-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-18-150500.2.1 * kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-18-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5(ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_23-debugsource-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_100-default-13-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_28-debugsource-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_94-default-14-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_22-debugsource-18-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_25-debugsource-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_100-default-debuginfo-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-debuginfo-18-150500.2.1 * kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-14-150500.2.1 * kernel-livepatch-5_14_21-150500_55_91-default-18-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-53321.html * https://www.suse.com/security/cve/CVE-2025-38111.html * https://www.suse.com/security/cve/CVE-2025-38352.html * https://www.suse.com/security/cve/CVE-2025-39742.html * https://bugzilla.suse.com/show_bug.cgi?id=1249205 * https://bugzilla.suse.com/show_bug.cgi?id=1249455 * https://bugzilla.suse.com/show_bug.cgi?id=1249480 * https://bugzilla.suse.com/show_bug.cgi?id=1250314 . Learn about openSUSE security update 2026:0535-1 addressing four important vulnerabilities in the kernel.. openSUSE Kernel Update 2026:0535-1 Security Patching. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50100 http://linux.oracle.com/errata/ELSA-2026-50100.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: aarch64: kernel-uek-5.4.17-2136.352.5.el8uek.aarch64.rpm kernel-uek-debug-5.4.17-2136.352.5.el8uek.aarch64.rpm kernel-uek-debug-devel-5.4.17-2136.352.5.el8uek.aarch64.rpm kernel-uek-devel-5.4.17-2136.352.5.el8uek.aarch64.rpm kernel-uek-doc-5.4.17-2136.352.5.el8uek.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.352.5.el8uek.src.rpm Related CVEs: CVE-2025-39964 CVE-2025-40022 CVE-2025-40083 CVE-2025-40211 CVE-2025-40248 CVE-2025-40254 CVE-2025-40259 CVE-2025-40263 CVE-2025-40264 CVE-2025-40271 CVE-2025-40275 CVE-2025-40277 CVE-2025-40280 CVE-2025-40281 CVE-2025-40283 CVE-2025-40304 CVE-2025-40308 CVE-2025-40309 CVE-2025-40321 CVE-2025-40322 CVE-2025-40331 CVE-2025-40363 CVE-2025-68185 CVE-2025-68192 CVE-2025-68194 CVE-2025-68229 CVE-2025-68241 CVE-2025-68245 CVE-2025-68312 CVE-2025-68734 Description of changes: [5.4.17-2136.352.5] - crypto: af_alg - Fix incorrect boolean values in af_alg_ctx (Eric Biggers) [Orabug: 38879907] {CVE-2025-40022} [5.4.17-2136.352.4] - arm64: pensando: Must boot Ortano kernel with spin-table (Rob Gardner) [Orabug: 38821197] [5.4.17-2136.352.3] - net/sched: adjust device watchdog timer to detect stopped queue at right time (Praveen Kumar Kannoju) [Orabug: 38340278] - net/mlx5: Mark the mellanox graceful_period fix as out-of-tree change (Praveen Kumar Kannoju) [Orabug: 38252416] - infiniband/xsigo: Replace BUG_ON with WARN_ON_ONCE. (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xsvnic_main: Remove unused functions (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xve_cm: Fix mixed code warning (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xve_ethtool: Remove unused variable 'priv' (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xve_ib: Fix misleading indentation (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xve_ib: Fix mixed code warning (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xve_verbs: Remove unused label 'out_free_pd' (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xve_main: Remove unused function 'xve_napi_del' (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xve_main: Fix mixed code warning (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xve_main: Fix misleading indentation (Siddh Raman Pant) [Orabug: 38418469] - inifinibad/xsigo: xsvnic_main: Remove unused variable 'xsvnic_ethtool_ops' (Siddh Raman Pant) [Orabug: 38418469] - infiniband/xsigo: xscore_impl: Remove unused label 'err_pd' (Siddh Raman Pant) [Orabug: 38418469] - rds: Fix jiffies type in struct rds_conn_path (Siddh Raman Pant) [Orabug: 38418727] - kernel: sysctl: Remove unused variable 'zero' (Siddh Raman Pant) [Orabug: 38418727] - crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (Herbert Xu) [Orabug: 38537469] {CVE-2025-39964} - RDMA/cm: Base cm_id destruction timeout on CMA values (Håkon Bugge) [Orabug: 38753622] - x86/its: Build fails with CONFIG_MITIGATION_ITS=n (Alexandre Chartre) [Orabug: 38756954] [5.4.17-2136.352.2] - LTS tag: v5.4.302 (Sherry Yang) - Input: pegasus-notetaker - fix potential out-of-bounds access (Seungjin Bae) - Input: remove third argument of usb_maxpacket() (Vincent Mailhol) - usb: deprecate the third argument of usb_maxpacket() (Vincent Mailhol) - fs/proc: fix uaf in proc_readdir_de() (Wei Yang) [Orabug: 38737034,38786776,38787139] {CVE-2025-40271} - pmdomain: imx: Fix reference count leak in imx_gpc_remove (Miaoqian Lin) - pmdomain: arm: scmi: Fix genpd leak on provider registration failure (Sudeep Holla) - net: netpoll: fix incorrect refcount handling causing incorrect cleanup (Breno Leitao) [Orabug: 38773510] {CVE-2025-68245} - net: qede: Initialize qede_ll_ops with designated initializer (Nathan Chancellor) - net:ethernet: ti: netcp: Standardize knav_dma_open_channel to return NULL on error (Nishanth Menon) - ALSA: usb-audio: fix uac2 clock source at terminal parser (René Rebe) - mm/page_alloc: fix hash table order logging in alloc_large_system_hash() (Isaac J. Manjarres) - kconfig/nconf: Initialize the default locale at startup (Jakub Horký) - kconfig/mconf: Initialize the default locale at startup (Jakub Horký) - vsock: Ignore signal/timeout on connect() if already established (Michal Luczaj) [Orabug: 38730612] {CVE-2025-40248} - s390/ctcm: Fix double-kfree (Aleksei Nikiforov) - net: openvswitch: remove never-working support for setting nsh fields (Ilya Maximets) [Orabug: 38730650] {CVE-2025-40254} - mlxsw: spectrum: Fix memory leak in mlxsw_sp_flower_stats() (Zilin Guan) - MIPS: Malta: Fix !EVA SOC-it PCI MMIO (Maciej W. Rozycki) - scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show() (Hamza Mahfooz) [Orabug: 38773441] {CVE-2025-68229} - scsi: sg: Do not sleep in atomic context (Bart Van Assche) [Orabug: 38730664] {CVE-2025-40259} - Input: cros_ec_keyb - fix an invalid memory access (Tzung-Bi Shih) [Orabug: 38730681] {CVE-2025-40263} - be2net: pass wrb_params in case of OS2BMC (Andrey Vatoropin) [Orabug: 38730691] {CVE-2025-40264} - isdn: mISDN: hfcsusb: fix memory leak in hfcsusb_probe() (Abdun Nihaal) [Orabug: 38798908] {CVE-2025-68734} - EDAC/altera: Use INTTEST register for Ethernet and USB SBE injection (Niravkumar L Rabara) - EDAC/altera: Handle OCRAM ECC enable after warm reset (Niravkumar L Rabara) - spi: Try to get ACPI GPIO IRQ earlier (Hans de Goede) - ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (Chuang Wang) [Orabug: 38773496] {CVE-2025-68241} - strparser: Fix signed/unsigned mismatch bug (Nate Karstens) - gcov: add support for GCC 15 (Peter Oberparleiter) - mm/ksm: fix flag-dropping behavior in ksm_madvise (Jakub Acs) - ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd (Haein Lee) [Orabug: 38737052] {CVE-2025-40275} - drm/vmwgfx: Validatecommand header size against SVGA_CMD_MAX_DATASIZE (Ian Forbes) [Orabug: 38737061] {CVE-2025-40277} - ASoC: cs4271: Fix regulator leak on probe failure (Xu Wang) - regulator: fixed: fix GPIO descriptor leak on register failure (Xu Wang) - regulator: fixed: use dev_err_probe for register (Chris Morgan) - Bluetooth: L2CAP: export l2cap_chan_hold for modules (Pauli Virtanen) - net_sched: limit try_bulk_dequeue_skb() batches (Eric Dumazet) - net_sched: remove need_resched() from qdisc_run() (Eric Dumazet) - net/mlx5e: Fix wraparound in rate limiting for values above 255 Gbps (Gal Pressman) - net/mlx5e: Fix maxrate wraparound in threshold between units (Gal Pressman) - net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (Ranganath V N) - wifi: mac80211: skip rate verification for not captured PSDUs (Benjamin Berg) - net: mdio: fix resource leak in mdiobus_register_device() (Csaba Buday) - tipc: Fix use-after-free in tipc_mon_reinit_self(). (Kuniyuki Iwashima) [Orabug: 38737084] {CVE-2025-40280} - tipc: simplify the finalize work queue (Xin Long) - sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto (Eric Dumazet) [Orabug: 38737091] {CVE-2025-40281} - sctp: get netns from asoc and ep base (Xin Long) - Bluetooth: 6lowpan: Don't hold spin lock over sleeping functions (Pauli Virtanen) - Bluetooth: 6lowpan: fix BDADDR_LE vs ADDR_LE_DEV address type confusion (Pauli Virtanen) - Bluetooth: 6lowpan: reset link-local header on ipv6 recv path (Pauli Virtanen) - Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF (Raphael Pinsonneault-Thibeault) [Orabug: 38737104] {CVE-2025-40283} - net: fec: correct rx_bytes statistic for the case SHIFT16 is set (Wei Fang) - ASoC: max98090/91: fixed max98091 ALSA widget powering up/down (Sharique Mohammad) - HID: quirks: avoid Cooler Master MM712 dongle wakeup bug (Tristan Lobb) - NFS4: Fix state renewals missing after boot (Joshua Watt) - compiler_types: Move unused static inline functions warning to W=2 (Peter Zijlstra) - extcon:adc-jack: Cleanup wakeup source only if it was enabled (Krzysztof Kozlowski) - tracing: Fix memory leaks in create_field_var() (Zilin Guan) - net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup (Qendrim Maxhuni) [Orabug: 38773283] {CVE-2025-68192} - sctp: Prevent TOCTOU out-of-bounds write (Stefan Wiehler) [Orabug: 38747447] {CVE-2025-40331} - sctp: Hold RCU read lock while iterating over address list (Stefan Wiehler) - net: dsa: b53: stop reading ARL entries if search is done (Jonas Gorski) - net: dsa: b53: fix enabling ip multicast (Jonas Gorski) - net: dsa: b53: fix resetting speed and pause on forced link (Jonas Gorski) - net: dsa: b53: prevent GMII_PORT_OVERRIDE_CTRL access on BCM5325 (Álvaro Fernández Rojas) - net: dsa/b53: change b53_force_port_config() pause argument (Russell King) - net: vlan: sync VLAN features with lower device (Hangbin Liu) - ceph: add checking of wait_for_completion_killable() return value (Viacheslav Dubeyko) - fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (Albin Babu Varghese) [Orabug: 38737182] {CVE-2025-40304} - ACPI: property: Return present device nodes only on fwnode interface (Sakari Ailus) - 9p: sysfs_init: don't hardcode error to ENOMEM (Randall P. Embry) - 9p: fix /sys/fs/9p/caches overwriting itself (Randall P. Embry) - fs/hpfs: Fix error code for new_inode() failure in mkdir/create/mknod/symlink (Yikang Yue) - ACPICA: Update dsmethod.c to get rid of unused variable warning (Saket Dumbre) - orangefs: fix xattr related buffer overflow... (Mike Marshall) - page_pool: Clamp pool size to max 16K pages (Dragos Tatulea) - Bluetooth: bcsp: receive data only if registered (Ivan Pravdin) [Orabug: 38737213] {CVE-2025-40308} - Bluetooth: SCO: Fix UAF on sco_conn_free (Luiz Augusto von Dentz) [Orabug: 38737224] {CVE-2025-40309} - net: macb: avoid dealing with endianness in macb_set_hwaddr() (Théo Lebrun) - nfs4_setup_readdir(): insufficient locking for -> d_parent-> d_inode dereferencing (Al Viro) [Orabug: 38773245] {CVE-2025-68185} -NFSv4.1: fix mount hang after CREATE_SESSION failure (Anthony Iliopoulos) - NFSv4: handle ERR_GRACE on delegation recalls (Olga Kornievskaia) - remoteproc: qcom: q6v5: Avoid handling handover twice (Stephan Gerhold) - sparc/module: Add R_SPARC_UA64 relocation handling (Koakuma) - net: intel: fm10k: Fix parameter idx set but not used (Brahmajit Das) - jfs: fix uninitialized waitqueue in transaction manager (Shaurya Rane) - jfs: Verify inode mode when loading from disk (Tetsuo Handa) - ipv6: np-> rxpmtu race annotation (Eric Dumazet) - usb: xhci: plat: Facilitate using autosuspend for xhci plat devices (Krishna Kurapati) - usb: mon: Increase BUFF_MAX to 64 MiB to support multi-MB URBs (Forest Crossman) - allow finish_no_open(file, ERR_PTR(-E...)) (Al Viro) - scsi: lpfc: Define size of debugfs entry for xri rebalancing (Justin Tee) - scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET (Justin Tee) - selftests/Makefile: include $(INSTALL_DEP_TARGETS) in clean target to clean net/lib dependency (Nai-Chen Cheng) - net/cls_cgroup: Fix task_get_classid() during qdisc run (Yafang Shao) - selftests: Replace sleep with slowwait (David Ahern) - selftests: Disable dad for ipv6 in fcnal-test.sh (David Ahern) - media: redrat3: use int type to store negative error codes (Rong Qianfeng) - net: sh_eth: Disable WoL if system can not suspend (Niklas Söderlund) - phy: cadence: cdns-dphy: Enable lower resolutions in dphy (Harikrishna Shenoy) - usb: gadget: f_hid: Fix zero length packet transfer (William Wu) - net: call cond_resched() less often in __release_sock() (Eric Dumazet) - ALSA: usb-audio: apply quirk for MOONDROP Quark2 (Cryolitia Pukngae) - net: nfc: nci: Increase NCI_DATA_TIMEOUT to 3000 ms (Juraj Šarinay) - dmaengine: dw-edma: Set status for callback_result (Devendra K Verma) - dmaengine: mv_xor: match alloc_wc and free_wc (Rosen Penev) - dmaengine: sh: setup_xref error handling (Thomas Andreatta) - scsi: pm8001: Use int instead of u32 to store error codes (Rong Qianfeng) - mips: lantiq:xway: sysctrl: rename stp clock (Aleksander Jan Bajkowski) - mips: lantiq: danube: add missing device_type in pci node (Aleksander Jan Bajkowski) - mips: lantiq: danube: add missing properties to cpu node (Aleksander Jan Bajkowski) - media: fix uninitialized symbol warnings (Chelsy Ratnawat) - drm/amdkfd: Tie UNMAP_LATENCY to queue_preemption (Amber Lin) - extcon: adc-jack: Fix wakeup source leaks on device unbind (Krzysztof Kozlowski) - PCI/P2PDMA: Fix incorrect pointer usage in devm_kfree() call (Sungho Kim) - net: Call trace_sock_exceed_buf_limit() for memcg failure with SK_MEM_RECV. (Kuniyuki Iwashima) - net: When removing nexthops, don't call synchronize_net if it is not necessary (Christoph Paasch) - char: misc: Does not request module for miscdevice with dynamic minor (Zijun Hu) - usb: gadget: f_ncm: Fix MAC assignment NCM ethernet (Raub Camaioni) - iio: adc: spear_adc: mask SPEAR_ADC_STATUS channel and avg sample before setting register (Rodrigo Gobbi) - media: imon: make send_packet() more robust (Tetsuo Handa) [Orabug: 38773298] {CVE-2025-68194} - net: ipv6: fix field-spanning memcpy warning in AH output (Charalampos Mitrodimas) [Orabug: 38773141] {CVE-2025-40363} - bridge: Redirect to backup port when port is administratively down (Ido Schimmel) - powerpc/eeh: Use result of error_detected() in uevent (Niklas Schnelle) - x86/vsyscall: Do not require X86_PF_INSTR to emulate vsyscall (Kirill A. Shutemov) - media: pci: ivtv: Don't create fake v4l2_fh (Laurent Pinchart) - drm/amdkfd: return -ENOTTY for unsupported IOCTLs (Geoffrey Mcrae) - selftests/net: Ensure assert() triggers in psock_tpacket.c (Wake Liu) - selftests/net: Replace non-standard __WORDSIZE with sizeof(long) * 8 (Wake Liu) - PCI: Disable MSI on RDC PCI to PCIe bridges (Marcos Del Sol Vives) - drm/nouveau: replace snprintf() with scnprintf() in nvkm_snprintbf() (Seyediman Seyedarab) - mfd: madera: Work around false-positive -Wininitialized warning (Arnd Bergmann) - mfd: stmpe-i2c: Add missing MODULE_LICENSE (Alexander Stein) - mfd: stmpe:Remove IRQ domain upon removal (Alexander Stein) - tools/power x86_energy_perf_policy: Prefer driver HWP limits (Len Brown) - tools/power x86_energy_perf_policy: Enhance HWP enable (Len Brown) - tools/cpupower: Fix incorrect size in cpuidle_state_disable() (Kaushlendra Kumar) - hwmon: (dell-smm) Add support for Dell OptiPlex 7040 (Armin Wolf) - uprobe: Do not emulate/sstep original instruction when ip is changed (Jiri Olsa) - clocksource/drivers/vf-pit: Replace raw_readl/writel to readl/writel (Daniel Lezcano) - video: backlight: lp855x_bl: Set correct EPROM start for LP8556 (Svyatoslav Ryhel) - tee: allow a driver to allocate a tee_device without a pool (Amirreza Zarrabi) - ACPICA: dispatcher: Use acpi_ds_clear_operands() in acpi_ds_call_control_method() (Hans de Goede) - mmc: sdhci-msm: Enable tuning for SDR50 mode for SD card (Sarthak Garg) - irqchip/gic-v2m: Handle Multiple MSI base IRQ Alignment (Christian Bruel) - arc: Fix __fls() const-foldability via __builtin_clzl() (Kees Cook) - cpufreq/longhaul: handle NULL policy in longhaul_exit (Dennis Beier) - selftests/bpf: Fix bpf_prog_detach2 usage in test_lirc_mode2 (Ricardo B. Marlière) - ACPI: video: force native for Lenovo 82K8 (Mario Limonciello) - memstick: Add timeout to prevent indefinite waiting (Jiayi Li) - mmc: host: renesas_sdhi: Fix the actual clock (Biju Das) - bpf: Don't use %pK through printk (Thomas Weißschuh) - spi: loopback-test: Don't use %pK through printk (Thomas Weißschuh) - soc: qcom: smem: Fix endian-unaware access of num_entries (Jens Reidel) - usb: gadget: f_fs: Fix epfile null pointer access after ep enable. (Owen Gu) - serial: 8250_dw: handle reset control deassert error (Artem Shimko) - serial: 8250_dw: Use devm_add_action_or_reset() (Andy Shevchenko) - serial: 8250_dw: Use devm_clk_get_optional() to get the input clock (Andy Shevchenko) - can: gs_usb: increase max interface to U8_MAX (Celeste Liu) - devcoredump: Fix circular locking dependency with devcd-> mutex. (Maarten Lankhorst) - net: ravb: Enforce descriptor type ordering(Lad Prabhakar) - x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID (Babu Moger) - wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode (Gokul Sivakumar) [Orabug: 38737292] {CVE-2025-40321} - net: phy: dp83867: Disable EEE support as not implemented (Emanuele Ghidoli) - regmap: slimbus: fix bus_context pointer in regmap init calls (Alexey Klimov) - drm/etnaviv: fix flush sequence logic (Tomeu Vizoso) - usbnet: Prevents free active kevent (Lizhi Xu) [Orabug: 38773784] {CVE-2025-68312} - wifi: ath10k: Fix memory leak on unsupported WMI command (Loic Poulain) - ASoC: qdsp6: q6asm: do not sleep while atomic (Srinivas Kandagatla) - fbdev: valkyriefb: Fix reference count leak in valkyriefb_init (Miaoqian Lin) - fbdev: pvr2fb: Fix leftover reference to ONCHIP_NR_DMA_CHANNELS (Florian Fuchs) - fbdev: bitblit: bound-check glyph index in bit_putcs* (Junjie Cao) [Orabug: 38737301] {CVE-2025-40322} - ACPI: video: Fix use-after-free in acpi_video_switch_brightness() (Yuhao Jiang) [Orabug: 38687005] {CVE-2025-40211} - fbdev: atyfb: Check if pll_ops-> init_pll failed (Daniel Palmer) - net: usb: asix_devices: Check return value of usbnet_get_endpoints (Miaoqian Lin) - btrfs: use smp_mb__after_atomic() when forcing COW in create_pending_snapshot() (Filipe Manana) - x86/bugs: Fix reporting of LFENCE retpoline (David Kaplan) - net/sched: sch_qfq: Fix null-deref in agg_dequeue (Xiang Mei) [Orabug: 38597085] {CVE-2025-40083} [5.4.17-2136.352.1] - RDMA/cm: Rate limit destroy CM ID timeout error message (Håkon Bugge) [Orabug: 38753401] - soc/pensando: giglio: hack dts to make things right (Rob Gardner) [Orabug: 38688154] - soc/pensando: Add AMD Pensando Giglio SoC support (Brad Larson) [Orabug: 38688154] - soc/pensando: psci support (David Clear) [Orabug: 38688154] - soc/pensando: Giglio SoC eMMC interrupt driver (Brad Larson) [Orabug: 38688154] [5.4.17-2136.351.3] - Reapply "cpuidle: menu: Avoid discarding useful information" (Harshvardhan Jha) [Orabug: 38715366] -fbcon: fix integer overflow in font allocation (Samasth Norway Ananda) [Orabug: 38702507] - uek-rpm: Replace check-kabi tool with kabi (Yifei Liu) [Orabug: 38673382] - uek-rpm: Introduce check function for uek-rpm/tools/kabi (Yifei Liu) [Orabug: 38673382] [5.4.17-2136.351.2] - uek-rpm: kabi: Remove the kabi protection for debug kernels (Yifei Liu) [Orabug: 38609548] - rds: Add smp_rmb before reading c_destroy_in_prog (Håkon Bugge) [Orabug: 38352486] - uio_hv_generic: Set event for all channels on the device (Long Li) - ata: libata-scsi: Fix system suspend for a security locked drive (Niklas Cassel) - HID: quirks: work around VID/PID conflict for 0x4c4a/0x4155 (Zhang Heng) [5.4.17-2136.351.1] - scsi: megaraid_sas: Fix concurrent access to ISR between IRQ polling and real interrupt (Sumit Saxena) [Orabug: 38630482] [5.4.17-2136.350.3] - net/rds: Fix rs_recv_pending counting issue (Gerd Rausch) [Orabug: 38506370] [5.4.17-2136.350.2] - LTS tag: v5.4.301 (Alok Tiwari) - net: rtnetlink: fix module reference count leak issue in rtnetlink_rcv_msg (Zhengchao Shao) - media: s5p-mfc: remove an unused/uninitialized variable (Arnd Bergmann) - NFSD: Fix last write offset handling in layoutcommit (Sergey Bashirov) - NFSD: Minor cleanup in layoutcommit processing (Sergey Bashirov) - padata: Reset next CPU when reorder sequence wraps around (Xiao Liang) - KEYS: trusted_tpm1: Compare HMAC values in constant time (Eric Biggers) - NFSD: Define a proc_layoutcommit for the FlexFiles layout type (Chuck Lever) [Orabug: 38601819] {CVE-2025-40087} - vfs: Don't leak disconnected dentries on umount (Jan Kara) [Orabug: 38601924] {CVE-2025-40105} - jbd2: ensure that all ongoing I/O complete before freeing blocks (Zhang Yi) - ext4: detect invalid INLINE_DATA + EXTENTS flag combination (Deepanshu Kartikey) [Orabug: 38649223] {CVE-2025-40167} - drm/amdgpu: use atomic functions with memory barriers for vm fault info (Gui-Dong Han) - ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() (Theodore Ts'O) [Orabug: 38649412]{CVE-2025-40198} - spi: cadence-quadspi: Flush posted register writes before DAC access (Pratyush Yadav) - spi: cadence-quadspi: Flush posted register writes before INDAC access (Pratyush Yadav) - memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (Zhen Ni) - memory: samsung: exynos-srom: Correct alignment (Krzysztof Kozlowski) - arm64: errata: Apply workarounds for Neoverse-V3AE (Mark Rutland) - arm64: cputype: Add Neoverse-V3AE definitions (Mark Rutland) - comedi: fix divide-by-zero in comedi_buf_munge() (Deepanshu Kartikey) - binder: remove "invalid inc weak" check (Alice Ryhl) - xhci: dbc: enable back DbC in resume if it was enabled before suspend (Mathias Nyman) - usb/core/quirks: Add Huawei ME906S to wakeup quirk (Tim Guttzeit) - USB: serial: option: add Telit FN920C04 ECM compositions (Li Qingwu) - USB: serial: option: add Quectel RG255C (Reinhard Speyerer) - USB: serial: option: add UNISOC UIS7720 (Renjun Wang) - net: ravb: Ensure memory write completes before ringing TX doorbell (Lad Prabhakar) - net: usb: rtl8150: Fix frame padding (Michał Pecio) - ocfs2: clear extent cache after moving/defragmenting extents (Deepanshu Kartikey) [Orabug: 38730547] {CVE-2025-40233} - MIPS: Malta: Fix keyboard resource preventing i8042 driver from registering (Maciej W. Rozycki) - Revert "cpuidle: menu: Avoid discarding useful information" (Rafael J. Wysocki) - net: bonding: fix possible peer notify event loss or dup issue (Tonghao Zhang) - sctp: avoid NULL dereference when chunk data buffer is missing (Alexey Simakov) [Orabug: 38730567] {CVE-2025-40240} - arm64, mm: avoid always making PTE dirty in pte_mkwrite() (Huang, Ying) - net: enetc: correct the value of ENETC_RXB_TRUESIZE (Wei Fang) - rtnetlink: Allow deleting FDB entries in user namespace (Johannes Wiesboeck) - net: rtnetlink: add NLM_F_BULK support to rtnl_fdb_del (Nikolay Aleksandrov) - net: add ndo_fdb_del_bulk (Nikolay Aleksandrov) - net: rtnetlink: add bulk delete support flag (Nikolay Aleksandrov) - net: netlink: add NLM_F_BULK deleterequest modifier (Nikolay Aleksandrov) - net: rtnetlink: use BIT for flag values (Nikolay Aleksandrov) - net: rtnetlink: add helper to extract msg type's kind (Nikolay Aleksandrov) - net: rtnetlink: add msg kind names (Nikolay Aleksandrov) - net: rtnetlink: remove redundant assignment to variable err (Colin Ian King) - m68k: bitops: Fix find_*_bit() signatures (Geert Uytterhoeven) - hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() (Yangtao Li) - hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() (Viacheslav Dubeyko) - dlm: check for defined force value in dlm_lockspace_release (Alexander Aring) - hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (Viacheslav Dubeyko) - hfs: validate record offset in hfsplus_bmap_alloc (Yang Chenzhi) - hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() (Viacheslav Dubeyko) - hfs: make proper initalization of struct hfs_find_data (Viacheslav Dubeyko) - hfs: clear offset and space out of valid records in b-tree node (Viacheslav Dubeyko) - exec: Fix incorrect type for ret (Xichao Zhao) - hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() (Viacheslav Dubeyko) - ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings (Randy Dunlap) - sched/fair: Fix pelt lost idle time detection (Vincent Guittot) - sched/balancing: Rename newidle_balance() => sched_balance_newidle() (Ingo Molnar) - sched/fair: Trivial correction of the newidle_balance() comment (Barry Song) - sched: Make newidle_balance() static again (Chen Yu) - tls: don't rely on tx_work during send() (Sabrina Dubroca) - tls: always set record_type in tls_process_cmsg (Sabrina Dubroca) - tg3: prevent use of uninitialized remote_adv and local_adv variables (Alexey Simakov) - tcp: fix tcp_tso_should_defer() vs large RTT (Eric Dumazet) - amd-xgbe: Avoid spurious link down messages during interface toggle (Raju Rangoju) - net/ip6_tunnel: Prevent perpetual tunnel growth (Dmitry Safonov) [Orabug: 38649261] {CVE-2025-40173} - net: dlink: handledma_map_single() failure properly (Moon Yeounsu) - net: dl2k: switch from 'pci_' to 'dma_' API (Christophe Jaillet) - media: pci: ivtv: Add missing check after DMA map (Thomas Fourier) - media: pci/ivtv: switch from 'pci_' to 'dma_' API (Christophe Jaillet) - xen/events: Update virq_to_irq on migration (Jason Andryuk) - media: lirc: Fix error handling in lirc_register() (Ma Ke) - media: rc: Directly use ida_free() (Keliu) - drm/exynos: exynos7_drm_decon: remove ctx-> suspended (Kaustabh Chakraborty) - btrfs: avoid potential out-of-bounds in btrfs_encode_fh() (Anderson Nascimento) [Orabug: 38649463] {CVE-2025-40205} - pwm: berlin: Fix wrong register in suspend/resume (Jisheng Zhang) - media: cx18: Add missing check after DMA map (Thomas Fourier) - xen/events: Cleanup find_virq() return codes (Jason Andryuk) - cramfs: Verify inode mode when loading from disk (Tetsuo Handa) - fs: Add 'initramfs_options' to set initramfs mount options (Lichen Liu) - pid: Add a judgment for ns null in pid_nr_ns (Gaoxiang17) [Orabug: 38649276] {CVE-2025-40178} - minixfs: Verify inode mode when loading from disk (Tetsuo Handa) - tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (Yuan Chen) [Orabug: 38592033] {CVE-2025-40042} - dm: fix NULL pointer dereference in __dm_suspend() (Zheng Qixing) [Orabug: 38649057] {CVE-2025-40134} - mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag (Hans de Goede) - mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type (Andy Shevchenko) - mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value (Hans de Goede) - Squashfs: reject negative file sizes in squashfs_read_inode() (Phillip Lougher) [Orabug: 38649425] {CVE-2025-40200} - Squashfs: add additional inode sanity checking (Phillip Lougher) - media: mc: Clear minor number before put device (Edward Adam Davis) [Orabug: 38649399] {CVE-2025-40197} - mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (Bartosz Golaszewski) - fs: udf: fix OOB read inlengthAllocDescs handling (Larshin Sergey) [Orabug: 38592048] {CVE-2025-40044} - KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O (Sean Christopherson) [Orabug: 38591959] {CVE-2025-40026} - net/9p: fix double req put in p9_fd_cancelled (Nalivayko Sergey) [Orabug: 38591965] {CVE-2025-40027} - ext4: guard against EA inode refcount underflow in xattr update (Ahmet Eray Karadag) [Orabug: 38649330] {CVE-2025-40190} - ext4: correctly handle queries for metadata mappings (Ojaswin Mujoo) - ext4: increase i_disksize to offset + len in ext4_update_disksize_before_punch() (Yongjian Sun) - nfsd: nfserr_jukebox in nlm_fopen should lead to a retry (Olga Kornievskaia) - x86/umip: Fix decoding of register forms of 0F 01 (SGDT and SIDT aliases) (Sean Christopherson) - x86/umip: Check that the instruction opcode is at least two bytes (Sean Christopherson) - PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit (Siddharth Vadapalli) - PCI/AER: Fix missing uevent on recovery when a reset is requested (Niklas Schnelle) - PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV (Niklas Schnelle) [Orabug: 38730513] {CVE-2025-40219} - rseq/selftests: Use weak symbol reference, not definition, to link with glibc (Sean Christopherson) - rtc: interface: Fix long-standing race when setting alarm (Esben Haabendal) - rtc: interface: Ensure alarm irq is enabled when UIE is enabled (Esben Haabendal) - mmc: core: SPI mode remove cmd7 (Rex Chen) - mtd: rawnand: fsmc: Default to autodetect buswidth (Linus Walleij) - sparc: fix error handling in scan_one_device() (Ma Ke) - sparc64: fix hugetlb for sun4u (Anthony Yznaga) - sctp: Fix MAC comparison to be constant-time (Eric Biggers) [Orabug: 38649451] {CVE-2025-40204} - scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() (Thorsten Blum) - parisc: don't reference obsolete termio struct for TC* constants (Sam James) - lib/genalloc: fix device leak in of_gen_pool_get() (Johan Hovold) - iio: frequency: adf4350: Fix prescaler usage.(Michael Hennerich) - iio: dac: ad5421: use int type to store negative error codes (Rong Qianfeng) - iio: dac: ad5360: use int type to store negative error codes (Rong Qianfeng) - crypto: atmel - Fix dma_unmap_sg() direction (Thomas Fourier) - cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (Rafael J. Wysocki) [Orabug: 38649367] {CVE-2025-40194} - drm/nouveau: fix bad ret code in nouveau_bo_move_prep (Shuhao Fu) - media: i2c: mt9v111: fix incorrect type for ret (Rong Qianfeng) - firmware: meson_sm: fix device leak at probe (Johan Hovold) - xen/manage: Fix suspend error path (Lukas Wunner) - arm64: dts: qcom: msm8916: Add missing MDSS reset (Stephan Gerhold) - ACPI: debug: fix signedness issues in read/write helpers (Amir Mohammad Jahangirzad) - ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (Daniel Tang) - tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single (Gunnar Kudrjavets) - tpm, tpm_tis: Claim locality before writing interrupt registers (Lino Sanfilippo) - crypto: essiv - Check ssize for decryption and in-place encryption (Herbert Xu) [Orabug: 38581456,38705546] {CVE-2025-40019} - mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes (Harini T) - mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call (Harini T) - tools build: Align warning options with perf (Leo Yan) - net: fsl_pq_mdio: Fix device node reference leak in fsl_pq_mdio_probe (Erick Karanja) - tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). (Kuniyuki Iwashima) [Orabug: 38649579] {CVE-2025-40186} - net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() (Alexandr Sapozhnikov) [Orabug: 38649313] {CVE-2025-40187} - drm/vmwgfx: Fix Use-after-free in validation (Ian Forbes) [Orabug: 38643546] {CVE-2025-40111} - net/mlx4: prevent potential use after free in mlx4_en_do_uc_filter() (Dan Carpenter) - scsi: mvsas: Fix use-after-free bugs in mvs_work_queue (Duoming Zhou) [Orabug: 38557654] {CVE-2025-40001} - scsi: mvsas: Use sas_task_find_rq()for tagging (John Garry) - scsi: mvsas: Delete mvs_tag_init() (John Garry) - scsi: libsas: Add sas_task_find_rq() (John Garry) - clk: nxp: Fix pll0 rate check condition in LPC18xx CGU driver (Alok Tiwari) - clk: nxp: lpc18xx-cgu: convert from round_rate() to determine_rate() (Brian Masney) - perf session: Fix handling when buffer exceeds 2 GiB (Leo Yan) - rtc: x1205: Fix Xicor X1205 vendor prefix (Rob Herring) - perf util: Fix compression checks returning -1 as bool (Yunseong Kim) - iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (Michael Hennerich) - clocksource/drivers/clps711x: Fix resource leaks in error paths (Zhen Ni) - pinctrl: check the return value of pinmux_ops::get_function_name() (Bartosz Golaszewski) [Orabug: 38591981] {CVE-2025-40030} - Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak (Zhen Ni) [Orabug: 38592002] {CVE-2025-40035} - mm: hugetlb: avoid soft lockup when mprotect to large memory area (Yang Shi) [Orabug: 38649150] {CVE-2025-40153} - uio_hv_generic: Let userspace take care of interrupt mask (Naman Jain) [Orabug: 38592067] {CVE-2025-40048} - Squashfs: fix uninit-value in squashfs_get_parent (Phillip Lougher) [Orabug: 38592077] {CVE-2025-40049} - net: ena: return 0 in ena_get_rxfh_key_size() when RSS hash key is not configurable (Kohei Enju) - nfp: fix RSS hash key size when RSS is not supported (Kohei Enju) - drivers/base/node: fix double free in register_one_node() (Donet Tom) - ocfs2: fix double free in user_cluster_connect() (Dan Carpenter) [Orabug: 38592110] {CVE-2025-40055} - net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (I Viswanath) [Orabug: 38649096] {CVE-2025-40140} - RDMA/siw: Always report immediate post SQ errors (Bernard Metzler) - usb: vhci-hcd: Prevent suspending virtually attached devices (Cristian Ciocaltea) - scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() (Ranjan Kumar) [Orabug: 38648982] {CVE-2025-40115} - ipvs: Defer ip_vs_ftp unregister during netns cleanup (Slavin Liu) [Orabug:38581446] {CVE-2025-40018} - NFSv4.1: fix backchannel max_resp_sz verification check (Anthony Iliopoulos) - remoteproc: qcom: q6v5: Avoid disabling handover IRQ twice (Stephan Gerhold) - sparc: fix accurate exception reporting in copy_{from,to}_user for M7 (Michael Karcher) - sparc: fix accurate exception reporting in copy_to_user for Niagara 4 (Michael Karcher) - sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara (Michael Karcher) - sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III (Michael Karcher) - sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC (Michael Karcher) - IB/sa: Fix sa_local_svc_timeout_ms read race (Vlad Dumitrescu) - RDMA/core: Resolve MAC of next-hop device without ARP support (Parav Pandit) - wifi: mt76: fix potential memory leak in mt76_wmac_probe() (Abdun Nihaal) - drivers/base/node: handle error properly in register_one_node() (Donet Tom) - watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog (Christophe Leroy) - netfilter: ipset: Remove unused htable_bits in macro ahash_region (Zhen Ni) - iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (Hans de Goede) - ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (Takashi Iwai) - ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (Takashi Iwai) - ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (Takashi Iwai) - pps: fix warning in pps_register_cdev when register device fail (Wang Liang) [Orabug: 38592170] {CVE-2025-40070} - misc: genwqe: Fix incorrect cmd field being reported in error (Colin Ian King) - usb: gadget: configfs: Correctly set use_os_string at bind (William Wu) - usb: phy: twl6030: Fix incorrect type for ret (Xichao Zhao) - tcp: fix __tcp_close() to only send RST when required (Eric Dumazet) - PCI: tegra: Fix devm_kcalloc() argument order for port-> phys allocation (Alok Tiwari) - wifi: mwifiex: send world regulatory domain to driver (Stefan Kerkmann) - ALSA: lx_core: use int typeto store negative error codes (Rong Qianfeng) - media: rj54n1cb0c: Fix memleak in rj54n1_probe() (Zhang Shurong) - scsi: myrs: Fix dma_alloc_coherent() error check (Thomas Fourier) - scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod (Niklas Cassel) [Orabug: 38649567] {CVE-2025-40118} - serial: max310x: Add error checking in probe() (Dan Carpenter) - usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (Dan Carpenter) - drm/radeon/r600_cs: clean up of dead code in r600_cs (Brahmajit Das) - i2c: designware: Add disabling clocks when probe fails (Kunihiko Hayashi) - i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (Leilk Liu) - bpf: Explicitly check accesses to bpf_sock_addr (Paul Chaignon) [Orabug: 38592205] {CVE-2025-40078} - selftests: watchdog: skip ping loop if WDIOF_KEEPALIVEPING not supported (Akhilesh Patil) - pwm: tiehrpwm: Fix corner case in clock divisor calculation (Uwe Kleine-König) - block: use int to store blk_stack_limits() return value (Rong Qianfeng) - blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx (Li Nan) [Orabug: 38649026] {CVE-2025-40125} - pinctrl: meson-gxl: add missing i2c_d pinmux (Da Xue) - soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (Sneh Mankad) - ACPI: processor: idle: Fix memory leak when register cpuidle device failed (Huisong Li) - regmap: Remove superfluous check for !config in __regmap_init() (Geert Uytterhoeven) - x86/vdso: Fix output operand size of RDPID (Uros Bizjak) - perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (Leo Yan) [Orabug: 38592223] {CVE-2025-40081} - driver core/PM: Set power.no_callbacks along with power.no_pm (Rafael J. Wysocki) - staging: axis-fifo: flush RX FIFO on read errors (Ovidiu Panait) - staging: axis-fifo: fix maximum TX packet length check (Ovidiu Panait) - perf subcmd: avoid crash in exclude_cmds when excludes is empty (Hupu) - dm-integrity: limit MAX_TAG_SIZE to 255 (Mikulas Patocka) - wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188 (BitterblueSmith) - USB: serial: option: add SIMCom 8230C compositions (Xiaowei Li) - media: rc: fix races with imon_disconnect() (Larshin Sergey) [Orabug: 38548027] {CVE-2025-39993} - media: imon: grab lock earlier in imon_ir_change_protocol() (Tetsuo Handa) - media: imon: reorganize serialization (Tetsuo Handa) - media: rc: Add support for another iMON 0xffdc device (Flavius Georgescu) - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe (Duoming Zhou) [Orabug: 38548044] {CVE-2025-39995} - media: tuner: xc5000: Fix use-after-free in xc5000_release (Duoming Zhou) [Orabug: 38548037] {CVE-2025-39994} - media: tunner: xc5000: Refactor firmware load (Ricardo Ribalda) - udp: Fix memory accounting leak. (Kuniyuki Iwashima) [Orabug: 37844325] {CVE-2025-22058} - media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (Duoming Zhou) [Orabug: 38548051] {CVE-2025-39996} - scsi: target: target_core_configfs: Add length check to avoid buffer overflow (Wang Haoran) [Orabug: 38548059] {CVE-2025-39998} - LTS tag: v5.4.300 (Alok Tiwari) - KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (Maciej S. Szmigiero) - mm/hugetlb: fix folio is still mapped when deleted (Tu Jinjiang) [Orabug: 38560482] {CVE-2025-40006} - i40e: add mask to apply valid bits for itr_idx (Lukasz Czapnik) - i40e: fix validation of VF state in get resources (Lukasz Czapnik) [Orabug: 38547929] {CVE-2025-39969} - i40e: fix idx validation in config queues msg (Lukasz Czapnik) [Orabug: 38547938] {CVE-2025-39971} - i40e: add validation for ring_len param (Lukasz Czapnik) [Orabug: 38547952,38604168,38604171] {CVE-2025-39973} - i40e: increase max descriptors for XL710 (Justin Bronder) - mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() (David Hildenbrand) - fbcon: Fix OOB access in font allocation (Thomas Zimmermann) - fbcon: fix integer overflow in fbcon_do_set_font (Samasth Norway Ananda) [Orabug: 38547913] {CVE-2025-39967} - i40e: add max boundary check for VF filters(Lukasz Czapnik) [Orabug: 38547923] {CVE-2025-39968} - i40e: fix input validation logic for action_meta (Lukasz Czapnik) [Orabug: 38547933] {CVE-2025-39970} - i40e: fix idx validation in i40e_validate_queue_map (Lukasz Czapnik) [Orabug: 38547946] {CVE-2025-39972} - drm/gma500: Fix null dereference in hdmi teardown (Zabelin Nikita) [Orabug: 38560496] {CVE-2025-40011} - can: peak_usb: fix shift-out-of-bounds issue (Stephane Grosjean) [Orabug: 38581463] {CVE-2025-40020} - can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (Vincent Mailhol) - can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (Vincent Mailhol) - can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (Vincent Mailhol) - can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (Geert Uytterhoeven) - IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (Or Har-Toov) - usb: core: Add 0x prefix to quirks debug output (Jiayi Li) - ALSA: usb-audio: Fix build with CONFIG_INPUT=n (Takashi Iwai) - ALSA: usb-audio: Convert comma to semicolon (Chen Ni) - ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (Cristian Ciocaltea) - ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (Cristian Ciocaltea) - ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (Cristian Ciocaltea) - ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (Cristian Ciocaltea) - ALSA: usb-audio: Fix block comments in mixer_quirks (Cristian Ciocaltea) - net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (Hans de Goede) - net: rfkill: gpio: add DT support (Philipp Zabel) - serial: sc16is7xx: fix bug in flow control levels init (Hugo Villeneuve) - USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (Alan Stern) - usb: gadget: dummy_hcd: remove usage of list iterator past the loop body (Jakob Koschel) - ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (Colin Ian King) - ASoC: wm8974: Correct PLL rate rounding (Charles Keepax) - ASoC: wm8940: Correct typo in controlname (Charles Keepax) - mmc: mvsdio: Fix dma_unmap_sg() nents value (Thomas Fourier) - nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (Nathan Chancellor) - cnic: Fix use-after-free bugs in cnic_delete_task (Duoming Zhou) [Orabug: 38503849] {CVE-2025-39945} - net: liquidio: fix overflow in octeon_init_instr_queue() (Alexey Nepomnyashih) - tcp: Clear tcp_sk(sk)-> fastopen_rsk in tcp_disconnect(). (Kuniyuki Iwashima) [Orabug: 38526388] {CVE-2025-39955} - i40e: remove redundant memory barrier when cleaning Tx descs (Maciej Fijalkowski) - net: natsemi: fix rx_dropped double accounting on netif_rx() failure (Moon Yeounsu) - cgroup: split cgroup_destroy_wq into 3 workqueues (Chen Ridong) [Orabug: 38503892] {CVE-2025-39953} - pcmcia: omap_cf: Mark driver struct with __refdata to prevent section mismatch (Geert Uytterhoeven) - wifi: mac80211: fix incorrect type for ret (Liao Yuanhong) - ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (Takashi Sakamoto) - mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory (Miaohe Lin) [Orabug: 38461848] {CVE-2025-39883} - phy: ti-pipe3: fix device leak at unbind (Johan Hovold) - dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (Stephan Gerhold) [Orabug: 38494822] {CVE-2025-39923} - dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (Anders Roxell) - can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (Tetsuo Handa) - can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (Tetsuo Handa) - i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (Michal Schmidt) [Orabug: 38494787] {CVE-2025-39911} - i40e: Use irq_update_affinity_hint() (Nitesh Narayan Lal) - genirq: Provide new interfaces for affinity hints (Thomas Gleixner) - genirq: Export affinity setter for modules (Thomas Gleixner) - genirq/affinity: Add irq_update_affinity_desc() (John Garry) - igb: fix link test skipping when interfaceis admin down (Kohei Enju) - net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (Stefan Wahren) - USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (Fabio Porcedda) - USB: serial: option: add Telit Cinterion FN990A w/audio compositions (Fabio Porcedda) - tty: hvc_console: Call hvc_kick in hvc_write unconditionally (Fabian Vogt) - mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (Alexander Sverdlin) - mtd: nand: raw: atmel: Fix comment in timings preparation (Alexander Dahl) - mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (Christophe Kerello) - mm/khugepaged: fix the address passed to notifier on testing young (Wei Yang) - fuse: prevent overflow in copy_file_range return value (Miklos Szeredi) - fuse: check if copy_file_range() returns larger than requested size (Miklos Szeredi) - mtd: rawnand: stm32_fmc2: fix ECC overwrite (Christophe Kerello) - ocfs2: fix recursive semaphore deadlock in fiemap call (Mark Tinguely) [Orabug: 38461859] {CVE-2025-39885} - EDAC/altera: Delete an inappropriate dma_free_coherent() call (Salah Triki) - tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock-> cork. (Kuniyuki Iwashima) [Orabug: 38494797] {CVE-2025-39913} - net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod. (Kuniyuki Iwashima) [Orabug: 37901604] {CVE-2025-23143} _______________________________________________ El-errata mailing list
MGAA-2026-0003 - Updated isodumper packages fix bugs. MGAA-2026-0003 - Updated isodumper packages fix bugs Publication date: 07 Jan 2026 URL: https://advisories.mageia.org/MGAA-2026-0003.html Type: bugfix Affected Mageia releases: 9 Description: The current version can't encrypt a partition on a USB device. The current version cannot remove an iso9660 filesystem when formatting a USB device that was previously used to create a LiveUsb. This update fixes the reported issues. References: - https://bugs.mageia.org/show_bug.cgi?id=34877 - https://bugs.mageia.org/show_bug.cgi?id=33657 SRPMS: - 9/core/isodumper-1.61-1.mga9 . Updated isodumper packages for Mageia 9 fix critical partition and filesystem issues.. bugfix update, isodumper, Mageia security, USB encryption, partition issues. . Severity: Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.