Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2026:21114-1
Release Date:	2026-04-13T18:28:29Z
Rating:	important
References:	bsc#1226591 bsc#1245728 bsc#1249998 bsc#1251135 bsc#1251186 bsc#1251971 bsc#1252073 bsc#1252266 bsc#1253049 bsc#1253455 bsc#1254306 bsc#1255084 bsc#1256645 bsc#1256647 bsc#1256690 bsc#1256784 bsc#1257183 bsc#1257466 bsc#1257472 bsc#1257473 bsc#1257506 bsc#1257561 bsc#1257682 bsc#1257732 bsc#1257755 bsc#1257773 bsc#1257777 bsc#1257814 bsc#1257952 bsc#1258280 bsc#1258286 bsc#1258293 bsc#1258303 bsc#1258305 bsc#1258330 bsc#1258337 bsc#1258338 bsc#1258340 bsc#1258376 bsc#1258389 bsc#1258414 bsc#1258424 bsc#1258447 bsc#1258524 bsc#1258832 bsc#1258849 bsc#1259188 bsc#1259461 bsc#1259580 bsc#1259707 bsc#1259795 bsc#1259797 bsc#1259865 bsc#1259870 bsc#1259886 bsc#1259889 bsc#1259891 bsc#1259997 bsc#1259998 bsc#1260005 bsc#1260009 bsc#1260347 bsc#1260464 bsc#1260471 bsc#1260481 bsc#1260486 bsc#1260497 bsc#1260500 bsc#1260527 bsc#1260544 bsc#1260550 bsc#1260562 bsc#1260580 bsc#1260730 bsc#1260732 bsc#1260735 bsc#1260799 bsc#1261412 bsc#1261496 bsc#1261498 bsc#1261507 bsc#1261669
Cross-References:	CVE-2024-38542 CVE-2025-39817 CVE-2025-39998 CVE-2025-40201 CVE-2025-40253 CVE-2025-68794 CVE-2025-71066 CVE-2025-71125 CVE-2025-71231 CVE-2025-71268 CVE-2025-71269 CVE-2026-23030 CVE-2026-23047 CVE-2026-23054 CVE-2026-23069 CVE-2026-23088 CVE-2026-23103 CVE-2026-23120 CVE-2026-23125 CVE-2026-23136 CVE-2026-23140 CVE-2026-23154 CVE-2026-23157 CVE-2026-23169 CVE-2026-23187 CVE-2026-23193 CVE-2026-23201 CVE-2026-23202 CVE-2026-23204 CVE-2026-23207 CVE-2026-23216 CVE-2026-23231 CVE-2026-23242 CVE-2026-23243 CVE-2026-23255 CVE-2026-23262 CVE-2026-23270 CVE-2026-23272 CVE-2026-23274 CVE-2026-23277 CVE-2026-23278 CVE-2026-23281 CVE-2026-23292 CVE-2026-23293 CVE-2026-23304 CVE-2026-23317 CVE-2026-23319 CVE-2026-23335 CVE-2026-23343 CVE-2026-23361 CVE-2026-23379 CVE-2026-23381 CVE-2026-23383 CVE-2026-23386 CVE-2026-23395 CVE-2026-23398 CVE-2026-23412 CVE-2026-23413 CVE-2026-23414 CVE-2026-23419 CVE-2026-31788
CVSS scores:	CVE-2024-38542 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2024-38542 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2025-39817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-39817 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2025-39998 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-39998 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2025-40201 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-40201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-40253 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-68794 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-68794 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-71125 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-71125 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2025-71125 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-71231 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-71231 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-71231 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2025-71268 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-71268 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-71269 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-71269 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23030 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23030 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23047 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23047 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23054 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23054 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23069 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23069 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23069 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23088 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23088 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23103 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23103 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23103 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23103 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23120 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23125 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23125 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23125 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23136 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23136 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-23140 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23140 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23140 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23154 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23154 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23154 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23157 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23157 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23169 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23169 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2026-23169 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23169 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23187 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVE-2026-23187 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2026-23187 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2026-23193 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2026-23193 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23193 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23201 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23201 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23202 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-23202 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2026-23207 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23207 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23207 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23216 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23216 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23216 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23231 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-23231 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23231 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23231 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23242 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23242 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23242 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23255 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23255 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23262 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-23262 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H CVE-2026-23270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23270 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23272 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-23272 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23272 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23277 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23277 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-23278 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-23278 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23278 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23281 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-23281 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23292 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23292 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2026-23293 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23293 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-23304 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23304 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23319 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-23319 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2026-23335 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N CVE-2026-23335 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2026-23343 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23343 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23361 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N CVE-2026-23361 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N CVE-2026-23379 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23381 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23383 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23383 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23386 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23395 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23395 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-23395 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-23398 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23398 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-23412 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-23412 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-23413 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-23413 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2026-23414 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23414 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-23419 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-23419 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-31788 ( NVD ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected Products:	SUSE Linux Micro 6.1

An update that solves 61 vulnerabilities and has 21 fixes can now be installed.

Description:

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2024-38542: RDMA/mana_ib: boundary check before installing cq callbacks (bsc#1226591).
• CVE-2025-39817: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare (bsc#1249998).
• CVE-2025-39998: scsi: target: target_core_configfs: Add length check to avoid buffer overflow (bsc#1252073).
• CVE-2025-40201: kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths (bsc#1253455).
• CVE-2025-40253: s390/ctcm: Fix double-kfree (bsc#1255084).
• CVE-2025-68794: iomap: adjust read range correctly for non-block-aligned positions (bsc#1256647).
• CVE-2025-71125: tracing: Do not register unsupported perf events (bsc#1256784).
• CVE-2025-71268: btrfs: fix reservation leak in some error paths when inserting inline extent (bsc#1259865).
• CVE-2025-71269: btrfs: do not free data reservation in fallback from inline due to -ENOSPC (bsc#1259889).
• CVE-2026-23030: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() (bsc#1257561).
• CVE-2026-23047: libceph: make calc_target() set t->paused, not just clear it (bsc#1257682).
• CVE-2026-23069: vsock/virtio: fix potential underflow in virtio_transport_get_credit() (bsc#1257755).
• CVE-2026-23088: tracing: Fix crash on synthetic stacktrace field usage (bsc#1257814).
• CVE-2026-23103: ipvlan: Make the addrs_lock be per port (bsc#1257773).
• CVE-2026-23120: l2tp: avoid one data-race in l2tp_tunnel_del_work() (bsc#1258280).
• CVE-2026-23125: sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT (bsc#1258293).
• CVE-2026-23136: libceph: reset sparse-read state in osd_fault() (bsc#1258303).
• CVE-2026-23140: bpf, test_run: Subtract size of xdp_frame from allowed metadata size (bsc#1258305).
• CVE-2026-23154: net: fix segmentation of forwarding fraglist GRO (bsc#1258286).
• CVE-2026-23169: mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() (bsc#1258389).
• CVE-2026-23187: pmdomain: imx8m-blk-ctrl: fix out-of-range access of bc->domains (bsc#1258330).
• CVE-2026-23193: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (bsc#1258414).
• CVE-2026-23201: ceph: fix oops due to invalid pointer for kfree() in parse_longname() (bsc#1258337).
• CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1258340).
• CVE-2026-23216: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (bsc#1258447).
• CVE-2026-23231: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() (bsc#1259188).
• CVE-2026-23242: RDMA/siw: Fix potential NULL pointer dereference in header processing (bsc#1259795).
• CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259797).
• CVE-2026-23255: net: add proper RCU protection to /proc/net/ptype (bsc#1259891).
• CVE-2026-23262: gve: Fix stats report corruption on queue count change (bsc#1259870).
• CVE-2026-23270: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks (bsc#1259886).
• CVE-2026-23272: netfilter: nf_tables: unconditionally bump set->nelems before insertion (bsc#1260009).
• CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260005).
• CVE-2026-23277: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit (bsc#1259997).
• CVE-2026-23278: netfilter: nf_tables: always walk all pending catchall elements (bsc#1259998).
• CVE-2026-23281: wifi: libertas: fix use-after-free in lbs_free_adapter() (bsc#1260464).
• CVE-2026-23292: scsi: target: Fix recursive locking in __configfs_open_file() (bsc#1260500).
• CVE-2026-23293: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260486).
• CVE-2026-23304: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() (bsc#1260544).
• CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260562).
• CVE-2026-23319: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim (bsc#1260735).
• CVE-2026-23335: RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() (bsc#1260550).
• CVE-2026-23343: xdp: produce a warning when calculated tailroom is negative (bsc#1260527).
• CVE-2026-23361: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry (bsc#1260732).
• CVE-2026-23379: net/sched: ets: fix divide by zero in the offload path (bsc#1260481).
• CVE-2026-23381: net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260471).
• CVE-2026-23383: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing (bsc#1260497).
• CVE-2026-23386: gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL (bsc#1260799).
• CVE-2026-23395: Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ (bsc#1260580).
• CVE-2026-23398: icmp: fix NULL pointer dereference in icmp_tag_validation() (bsc#1260730).
• CVE-2026-23412: netfilter: bpf: defer hook memory release until rcu readers are done (bsc#1261412).
• CVE-2026-23413: clsact: Fix use-after-free in init/destroy rollback asymmetry (bsc#1261498).
• CVE-2026-23414: tls: Purge async_hold in tls_decrypt_async_wait() (bsc#1261496).
• CVE-2026-23419: net/rds: Fix circular locking dependency in rds_tcp_tune (bsc#1261507).
• CVE-2026-31788: xen/privcmd: restrict usage in unprivileged domU (bsc#1259707).

The following non-security bugs were fixed:

• ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() (git-fixes).
• ACPI: OSI: Add DMI quirk for Acer Aspire One D255 (stable-fixes).
• ACPI: OSL: fix __iomem type on return from acpi_os_map_generic_address() (git-fixes).
• ACPI: PM: Save NVS memory on Lenovo G70-35 (stable-fixes).
• ACPI: processor: Fix previous acpi_processor_errata_piix4() fix (git-fixes).
• ALSA: caiaq: fix stack out-of-bounds read in init_card (git-fixes).
• ALSA: firewire-lib: fix uninitialized local variable (git-fixes).
• ALSA: hda/conexant: Add quirk for HP ZBook Studio G4 (stable-fixes).
• ALSA: hda/conexant: Fix headphone jack handling on Acer Swift SF314 (stable-fixes).
• ALSA: hda/realtek: Add headset jack quirk for Thinkpad X390 (stable-fixes).
• ALSA: hda/realtek: add HP Laptop 14s-dr5xxx mute LED quirk (stable-fixes).
• ALSA: hda: cs35l56: Fix signedness error in cs35l56_hda_posture_put() (git-fixes).
• ALSA: pci: hda: use snd_kcontrol_chip() (stable-fixes).
• ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (git-fixes).
• ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces (stable-fixes).
• ASoC: Intel: catpt: Fix the device initialization (git-fixes).
• ASoC: SOF: ipc4-topology: Allow bytes controls without initial payload (git-fixes).
• ASoC: adau1372: Fix clock leak on PLL lock failure (git-fixes).
• ASoC: adau1372: Fix unchecked clk_prepare_enable() return value (git-fixes).
• ASoC: amd: acp-mach-common: Add missing error check for clock acquisition (git-fixes).
• ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition (git-fixes).
• ASoC: amd: yc: Add ASUS EXPERTBOOK BM1503CDA to quirk table (stable-fixes).
• ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK PM1503CDA (stable-fixes).
• ASoC: detect empty DMI strings (git-fixes).
• ASoC: ep93xx: Fix unchecked clk_prepare_enable() and add rollback on failure (git-fixes).
• ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_put_bits() (stable-fixes).
• ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_set_reg() (stable-fixes).
• ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start (git-fixes).
• ASoC: soc-core: drop delayed_work_pending() check before flush (git-fixes).
• ASoC: soc-core: flush delayed work before removing DAIs and widgets (git-fixes).
• Bluetooth: HIDP: Fix possible UAF (git-fixes).
• Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop (git-fixes).
• Bluetooth: L2CAP: Fix null-ptr-deref on l2cap_sock_ready_cb (git-fixes).
• Bluetooth: L2CAP: Fix send LE flow credits in ACL link (git-fixes).
• Bluetooth: L2CAP: Fix type confusion in l2cap_ecred_reconf_rsp() (git-fixes).
• Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (git-fixes).
• Bluetooth: L2CAP: Validate L2CAP_INFO_RSP payload length before access (git-fixes).
• Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (git-fixes).
• Bluetooth: LE L2CAP: Disconnect if received packet's SDU exceeds IMTU (git-fixes).
• Bluetooth: LE L2CAP: Disconnect if sum of payload sizes exceed SDU (git-fixes).
• Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete (git-fixes).
• Bluetooth: MGMT: validate LTK enc_size on load (git-fixes).
• Bluetooth: MGMT: validate mesh send advertising payload length (git-fixes).
• Bluetooth: Remove 3 repeated macro definitions (stable-fixes).
• Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (git-fixes).
• Bluetooth: SCO: fix race conditions in sco_sock_connect() (git-fixes).
• Bluetooth: SMP: derive legacy responder STK authentication from MITM state (git-fixes).
• Bluetooth: SMP: force responder MITM requirements before building the pairing response (git-fixes).
• Bluetooth: SMP: make SM/PER/KDU/BI-04-C happy (git-fixes).
• Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (git-fixes).
• Bluetooth: btusb: clamp SCO altsetting table indices (git-fixes).
• Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt (git-fixes).
• Bluetooth: hci_ll: Fix firmware leak on error path (git-fixes).
• Bluetooth: hci_sync: Fix hci_le_create_conn_sync (git-fixes).
• Bluetooth: hci_sync: Remove remaining dependencies of hci_request (stable-fixes).
• Bluetooth: hci_sync: call destroy in hci_cmd_sync_run if immediate (git-fixes).
• Drivers: hv: fix missing kernel-doc description for 'size' in request_arr_init() (git-fixes).
• Drivers: hv: remove stale comment (git-fixes).
• Drivers: hv: vmbus: Clean up sscanf format specifier in target_cpu_store() (git-fixes).
• Drivers: hv: vmbus: Fix sysfs output format for ring buffer index (git-fixes).
• Drivers: hv: vmbus: Fix typos in vmbus_drv.c (git-fixes).
• HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them (stable-fixes).
• HID: apple: avoid memory leak in apple_report_fixup() (stable-fixes).
• HID: asus: avoid memory leak in asus_report_fixup() (stable-fixes).
• HID: magicmouse: avoid memory leak in magicmouse_report_fixup() (stable-fixes).
• HID: mcp2221: cancel last I2C command on read error (stable-fixes).
• Input: synaptics-rmi4 - fix a locking bug in an error path (git-fixes).
• KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE (bsc#1259461).
• NFC: nxp-nci: allow GPIOs to sleep (git-fixes).
• NFC: pn533: bound the UART receive buffer (git-fixes).
• PCI: Update BAR # and window messages (stable-fixes).
• PCI: hv: Correct a comment (git-fixes).
• PCI: hv: Remove unnecessary flex array in struct pci_packet (git-fixes).
• PCI: hv: Remove unused field pci_bus in struct hv_pcibus_device (git-fixes).
• PCI: hv: remove unnecessary module_init/exit functions (git-fixes).
• PM: runtime: Fix a race condition related to device removal (git-fixes).
• RDMA/mana_ib: Access remote atomic for MRs (bsc#1251135).
• RDMA/mana_ib: Add EQ creation for rnic adapter (git-fixes).
• RDMA/mana_ib: Add device statistics support (git-fixes).
• RDMA/mana_ib: Add device-memory support (git-fixes).
• RDMA/mana_ib: Add port statistics support (git-fixes).
• RDMA/mana_ib: Add support of 4M, 1G, and 2G pages (git-fixes).
• RDMA/mana_ib: Add support of mana_ib for RNIC and ETH nic (git-fixes).
• RDMA/mana_ib: Adding and deleting GIDs (git-fixes).
• RDMA/mana_ib: Allow registration of DMA-mapped memory in PDs (git-fixes).
• RDMA/mana_ib: Configure mac address in RNIC (git-fixes).
• RDMA/mana_ib: Create and destroy RC QP (git-fixes).
• RDMA/mana_ib: Create and destroy UD/GSI QP (git-fixes).
• RDMA/mana_ib: Create and destroy rnic adapter (git-fixes).
• RDMA/mana_ib: Drain send wrs of GSI QP (git-fixes).
• RDMA/mana_ib: Enable RoCE on port 1 (git-fixes).
• RDMA/mana_ib: Extend modify QP (git-fixes).
• RDMA/mana_ib: Fix DSCP value in modify QP (git-fixes).
• RDMA/mana_ib: Fix error code in probe() (git-fixes).
• RDMA/mana_ib: Fix integer overflow during queue creation (bsc#1251135).
• RDMA/mana_ib: Fix missing ret value (git-fixes).
• RDMA/mana_ib: Handle net event for pointing to the current netdev (bsc#1256690).
• RDMA/mana_ib: Implement DMABUF MR support (git-fixes).
• RDMA/mana_ib: Implement port parameters (git-fixes).
• RDMA/mana_ib: Implement uapi to create and destroy RC QP (git-fixes).
• RDMA/mana_ib: Introduce helpers to create and destroy mana queues (git-fixes).
• RDMA/mana_ib: Introduce mana_ib_get_netdev helper function (git-fixes).
• RDMA/mana_ib: Introduce mana_ib_install_cq_cb helper function (git-fixes).
• RDMA/mana_ib: Introduce mdev_to_gc helper function (git-fixes).
• RDMA/mana_ib: Modify QP state (git-fixes).
• RDMA/mana_ib: Process QP error events in mana_ib (git-fixes).
• RDMA/mana_ib: Query feature_flags bitmask from FW (git-fixes).
• RDMA/mana_ib: Set correct device into ib (git-fixes).
• RDMA/mana_ib: Take CQ type from the device type (git-fixes).
• RDMA/mana_ib: UD/GSI QP creation for kernel (git-fixes).
• RDMA/mana_ib: UD/GSI work requests (git-fixes).
• RDMA/mana_ib: Use num_comp_vectors of ib_device (git-fixes).
• RDMA/mana_ib: Use safer allocation function() (bsc#1251135).
• RDMA/mana_ib: Use struct mana_ib_queue for CQs (git-fixes).
• RDMA/mana_ib: Use struct mana_ib_queue for RAW QPs (git-fixes).
• RDMA/mana_ib: Use struct mana_ib_queue for WQs (git-fixes).
• RDMA/mana_ib: add additional port counters (bsc#1251135).
• RDMA/mana_ib: add support of multiple ports (bsc#1251135).
• RDMA/mana_ib: check cqe length for kernel CQs (git-fixes).
• RDMA/mana_ib: create EQs for RNIC CQs (git-fixes).
• RDMA/mana_ib: create and destroy RNIC cqs (git-fixes).
• RDMA/mana_ib: create kernel-level CQs (git-fixes).
• RDMA/mana_ib: create/destroy AH (git-fixes).
• RDMA/mana_ib: extend mana QP table (git-fixes).
• RDMA/mana_ib: extend query device (git-fixes).
• RDMA/mana_ib: helpers to allocate kernel queues (git-fixes).
• RDMA/mana_ib: implement get_dma_mr (git-fixes).
• RDMA/mana_ib: implement req_notify_cq (git-fixes).
• RDMA/mana_ib: implement uapi for creation of rnic cq (git-fixes).
• RDMA/mana_ib: indicate CM support (git-fixes).
• RDMA/mana_ib: introduce a helper to remove cq callbacks (git-fixes).
• RDMA/mana_ib: polling of CQs for GSI/UD (git-fixes).
• RDMA/mana_ib: remove useless return values from dbg prints (git-fixes).
• RDMA/mana_ib: request error CQEs when supported (git-fixes).
• RDMA/mana_ib: set node_guid (git-fixes).
• RDMA/mana_ib: support of the zero based MRs (bsc#1251135).
• RDMA/mana_ib: unify mana_ib functions to support any gdma device (git-fixes).
• Remove "scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans" changes (bsc#1257506).
• USB: core: Limit the length of unkillable synchronous timeouts (git-fixes).
• USB: dummy-hcd: Fix interrupt synchronization error (git-fixes).
• USB: dummy-hcd: Fix locking/synchronization error (git-fixes).
• USB: ezcap401 needs USB_QUIRK_NO_BOS to function on 10gbs usb speed (stable-fixes).
• USB: serial: f81232: fix incomplete serial port generation (stable-fixes).
• USB: usbcore: Introduce usb_bulk_msg_killable() (git-fixes).
• USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts (git-fixes).
• accel/qaic: Handle DBC deactivation if the owner went away (git-fixes).
• apparmor: Fix double free of ns_name in aa_replace_profiles() (bsc#1258849).
• apparmor: fix differential encoding verification (bsc#1258849).
• apparmor: fix memory leak in verify_header (bsc#1258849).
• apparmor: fix missing bounds check on DEFAULT table in verify_dfa() (bsc#1258849).
• apparmor: fix race between freeing data and fs accessing it (bsc#1258849).
• apparmor: fix race on rawdata dereference (bsc#1258849).
• apparmor: fix side-effect bug in match_char() macro usage (bsc#1258849).
• apparmor: fix unprivileged local user can do privileged policy management (bsc#1258849).
• apparmor: fix: limit the number of levels of policy namespaces (bsc#1258849).
• apparmor: replace recursive profile removal with iterative approach (bsc#1258849).
• apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1258849).
• batman-adv: Avoid double-rtnl_lock ELP metric worker (git-fixes).
• bonding: do not set usable_slaves for broadcast mode (git-fixes).
• btrfs: fix zero size inode with non-zero size after log replay (git-fixes).
• btrfs: log new dentries when logging parent dir of a conflicting inode (git-fixes).
• btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (bsc#1257777).
• can: bcm: fix locking for bcm_op runtime updates (git-fixes).
• can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message (git-fixes).
• can: gw: fix OOB heap access in cgw_csum_crc8_rel() (git-fixes).
• can: hi311x: hi3110_open(): add check for hi3110_power_enable() return value (git-fixes).
• can: isotp: fix tx.buf use-after-free in isotp_sendmsg() (git-fixes).
• can: mcp251x: fix deadlock in error path of mcp251x_open (git-fixes).
• can: ucan: Fix infinite loop from zero-length messages (git-fixes).
• can: usb: etas_es58x: correctly anchor the urb in the read bulk callback (git-fixes).
• comedi: Reinit dev->spinlock between attachments to low-level drivers (git-fixes).
• comedi: me4000: Fix potential overrun of firmware buffer (git-fixes).
• comedi: me_daq: Fix potential overrun of firmware buffer (git-fixes).
• comedi: ni_atmio16d: Fix invalid clean-up after failed attach (git-fixes).
• crypto: af-alg - fix NULL pointer dereference in scatterwalk (git-fixes).
• crypto: caam - fix DMA corruption on long hmac keys (git-fixes).
• crypto: caam - fix overflow on long hmac keys (git-fixes).
• dmaengine: idxd: Fix freeing the allocated ida too late (git-fixes).
• dmaengine: idxd: Fix leaking event log memory (git-fixes).
• dmaengine: idxd: Fix memory leak when a wq is reset (git-fixes).
• dmaengine: idxd: Fix not releasing workqueue on .release() (git-fixes).
• dmaengine: idxd: Remove usage of the deprecated ida_simple_xx() API (stable-fixes).
• dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (git-fixes).
• dmaengine: sh: rz-dmac: Move CHCTRL updates under spinlock (git-fixes).
• dmaengine: sh: rz-dmac: Protect the driver specific lists (git-fixes).
• dmaengine: xilinx: xdma: Fix regmap init error handling (git-fixes).
• dmaengine: xilinx: xilinx_dma: Fix dma_device directions (git-fixes).
• dmaengine: xilinx: xilinx_dma: Fix residue calculation for cyclic DMA (git-fixes).
• dmaengine: xilinx: xilinx_dma: Fix unmasked residue subtraction (git-fixes).
• drm/amd/display: Add pixel_clock to amd_pp_display_configuration (stable-fixes).
• drm/amd/display: Fix DisplayID not-found handling in parse_edid_displayid_vrr() (git-fixes).
• drm/amd: Set num IP blocks to 0 if discovery fails (stable-fixes).
• drm/amdgpu/gmc9.0: add bounds checking for cid (stable-fixes).
• drm/amdgpu/mmhub2.0: add bounds checking for cid (stable-fixes).
• drm/amdgpu/mmhub2.3: add bounds checking for cid (stable-fixes).
• drm/amdgpu/mmhub3.0.1: add bounds checking for cid (stable-fixes).
• drm/amdgpu/mmhub3.0.2: add bounds checking for cid (stable-fixes).
• drm/amdgpu/mmhub3.0: add bounds checking for cid (stable-fixes).
• drm/amdgpu: Fix fence put before wait in amdgpu_amdkfd_submit_ib (git-fixes).
• drm/amdgpu: Fix use-after-free race in VM acquire (stable-fixes).
• drm/amdgpu: apply state adjust rules to some additional HAINAN vairants (stable-fixes).
• drm/amdgpu: keep vga memory on MacBooks with switchable graphics (stable-fixes).
• drm/ast: dp501: Fix initialization of SCU2C (git-fixes).
• drm/bridge: ti-sn65dsi83: fix CHA_DSI_CLK_RANGE rounding (git-fixes).
• drm/bridge: ti-sn65dsi86: Add support for DisplayPort mode with HPD (stable-fixes).
• drm/i915/dp: Use crtc_state->enhanced_framing properly on ivb/hsw CPU eDP (git-fixes).
• drm/i915/gmbus: fix spurious timeout on 512-byte burst reads (git-fixes).
• drm/i915/gt: Check set_default_submission() before deferencing (git-fixes).
• drm/ioc32: stop speculation on the drm_compat_ioctl path (git-fixes).
• drm/msm/dsi: Document DSC related pclk_rate and hdisplay calculations (stable-fixes).
• drm/msm/dsi: fix hdisplay calculation when programming dsi registers (git-fixes).
• drm/msm/dsi: fix pclk rate calculation for bonded dsi (git-fixes).
• drm/radeon: apply state adjust rules to some additional HAINAN vairants (stable-fixes).
• drm/sched: Fix kernel-doc warning for drm_sched_job_done() (git-fixes).
• drm/solomon: Fix page start when updating rectangle in page addressing mode (git-fixes).
• firmware: arm_scpi: Fix device_node reference leak in probe path (git-fixes).
• gpio: mxc: map Both Edge pad wakeup to Rising Edge (git-fixes).
• hv/hv_kvp_daemon: Handle IPv4 and Ipv6 combination for keyfile format (git-fixes).
• hv/hv_kvp_daemon: Pass NIC name to hv_get_dns_info as well (git-fixes).
• hwmon: (adm1177) fix sysfs ABI violation and current unit conversion (git-fixes).
• hwmon: (axi-fan-control) Make use of dev_err_probe() (stable-fixes).
• hwmon: (axi-fan-control) Use device firmware agnostic API (stable-fixes).
• hwmon: (it87) Check the it87_lock() return value (git-fixes).
• hwmon: (occ) Fix division by zero in occ_show_power_1() (git-fixes).
• hwmon: (occ) Fix missing newline in occ_show_extended() (git-fixes).
• hwmon: (peci/cputemp) Fix crit_hyst returning delta instead of absolute temperature (git-fixes).
• hwmon: (peci/cputemp) Fix off-by-one in cputemp_is_visible() (git-fixes).
• hwmon: (pmbus/isl68137) Add mutex protection for AVS enable sysfs attributes (git-fixes).
• hwmon: (pmbus/isl68137) Fix unchecked return value and use sysfs_emit() (git-fixes).
• hwmon: (pmbus/q54sj108a2) fix stack overflow in debugfs read (git-fixes).
• hwmon: (pxe1610) Check return value of page-select write in probe (git-fixes).
• hwmon: (tps53679) Fix device ID comparison and printing in tps53676_identify() (git-fixes).
• hwmon: axi-fan: do not use driver_override as IRQ name (git-fixes).
• i2c: cp2615: fix serial string NULL-deref at probe (git-fixes).
• i2c: cp2615: replace deprecated strncpy with strscpy (stable-fixes).
• i2c: fsi: Fix a potential leak in fsi_i2c_probe() (git-fixes).
• i2c: pxa: defer reset on Armada 3700 when recovery is used (git-fixes).
• idpf: nullify pointers after they are freed (git-fixes).
• iio: accel: fix ADXL355 temperature signature value (git-fixes).
• iio: adc: ti-adc161s626: fix buffer read on big-endian (git-fixes).
• iio: chemical: bme680: Fix measurement wait duration calculation (git-fixes).
• iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas() (git-fixes).
• iio: chemical: sps30_serial: fix buffer size in sps30_serial_read_meas() (git-fixes).
• iio: dac: ad5770r: fix error return in ad5770r_read_raw() (git-fixes).
• iio: dac: ds4424: reject -128 RAW value (git-fixes).
• iio: frequency: adf4377: Fix duplicated soft reset mask (git-fixes).
• iio: gyro: mpu3050-core: fix pm_runtime error handling (git-fixes).
• iio: gyro: mpu3050-i2c: fix pm_runtime error handling (git-fixes).
• iio: gyro: mpu3050: Fix incorrect free_irq() variable (git-fixes).
• iio: gyro: mpu3050: Fix irq resource leak (git-fixes).
• iio: gyro: mpu3050: Fix out-of-sequence free_irq() (git-fixes).
• iio: gyro: mpu3050: Move iio_device_register() to correct location (git-fixes).
• iio: imu: bmi160: Remove potential undefined behavior in bmi160_config_pin() (git-fixes).
• iio: imu: bno055: fix BNO055_SCAN_CH_COUNT off by one (git-fixes).
• iio: imu: inv_icm42600: fix odr switch to the same value (git-fixes).
• iio: imu: st_lsm6dsx: Set FIFO ODR for accelerometer and gyroscope only (git-fixes).
• iio: light: vcnl4035: fix scan buffer on big-endian (git-fixes).
• iio: potentiometer: mcp4131: fix double application of wiper shift (git-fixes).
• media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (git-fixes).
• media: tegra-video: Use accessors for pad config 'try_*' fields (stable-fixes).
• mfd: omap-usb-host: Convert to platform remove callback returning void (stable-fixes).
• mfd: omap-usb-host: Fix OF populate on driver rebind (git-fixes).
• mfd: qcom-pm8xxx: Convert to platform remove callback returning void (stable-fixes).
• mfd: qcom-pm8xxx: Fix OF populate on driver rebind (git-fixes).
• misc: fastrpc: possible double-free of cctx->remote_heap (git-fixes).
• mmc: sdhci-pci-gli: fix GL9750 DMA write corruption (git-fixes).
• mmc: sdhci: fix timing selection for 1-bit bus width (git-fixes).
• mtd: Avoid boot crash in RedBoot partition table parser (git-fixes).
• mtd: rawnand: brcmnand: skip DMA during panic write (git-fixes).
• mtd: rawnand: cadence: Fix error check for dma_alloc_coherent() in cadence_nand_init() (git-fixes).
• mtd: rawnand: pl353: make sure optimal timings are applied (git-fixes).
• mtd: rawnand: serialize lock/unlock against other NAND operations (git-fixes).
• mtd: spi-nor: core: avoid odd length/address reads on 8D-8D-8D mode (stable-fixes).
• mtd: spi-nor: core: avoid odd length/address writes in 8D-8D-8D mode (stable-fixes).
• net/mana: Null service_wq on setup error to prevent double destroy (git-fix).
• net/mlx5: Fix crash when moving to switchdev mode (git-fixes).
• net/rose: fix NULL pointer dereference in rose_transmit_link on reconnect (git-fixes).
• net/x25: Fix overflow when accumulating packets (git-fixes).
• net/x25: Fix potential double free of skb (git-fixes).
• net: mana: Add metadata support for xdp mode (git-fixes).
• net: mana: Add standard counter rx_missed_errors (git-fixes).
• net: mana: Add support for auxiliary device servicing events (bsc#1251971).
• net: mana: Change the function signature of mana_get_primary_netdev_rcu (bsc#1256690).
• net: mana: Drop TX skb on post_work_request failure and unmap resources (git-fixes).
• net: mana: Fix double destroy_workqueue on service rescan PCI path (git-fixes).
• net: mana: Fix use-after-free in reset service rescan path (git-fixes).
• net: mana: Fix warnings for missing export.h header inclusion (git-fixes).
• net: mana: Handle Reset Request from MANA NIC (bsc#1245728 bsc#1251971).
• net: mana: Handle SKB if TX SGEs exceed hardware limit (git-fixes).
• net: mana: Handle hardware recovery events when probing the device (bsc#1257466).
• net: mana: Handle unsupported HWC commands (git-fixes).
• net: mana: Implement ndo_tx_timeout and serialize queue resets per port (bsc#1257472).
• net: mana: Move hardware counter stats from per-port to per-VF context (git-fixes).
• net: mana: Probe rdma device in mana driver (git-fixes).
• net: mana: Reduce waiting time if HWC not responding (bsc#1252266).
• net: mana: Ring doorbell at 4 CQ wraparounds (git-fixes).
• net: mana: Support HW link state events (bsc#1253049).
• net: mana: Trigger VF reset/recovery on health check failure due to HWC timeout (bsc#1259580).
• net: mana: Use mana_cleanup_port_context() for rxq cleanup (git-fixes).
• net: mana: fix spelling for mana_gd_deregiser_irq() (git-fixes).
• net: mana: fix use-after-free in add_adev() error path (git-fixes).
• net: mana: use ethtool string helpers (git-fixes).
• net: nfc: nci: Fix zero-length proprietary notifications (git-fixes).
• net: usb: aqc111: Do not perform PM inside suspend callback (git-fixes).
• net: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check (git-fixes).
• net: usb: cdc_ncm: add ndpoffset to NDP32 nframes bounds check (git-fixes).
• net: usb: lan78xx: fix TX byte statistics for small packets (git-fixes).
• net: usb: lan78xx: fix silent drop of packets with checksum errors (git-fixes).
• net: usb: pegasus: validate USB endpoints (stable-fixes).
• nfc: nci: clear NCI_DATA_EXCHANGE before calling completion callback (git-fixes).
• nfc: nci: fix circular locking dependency in nci_close_device (git-fixes).
• nfc: nci: free skb on nci_transceive early error paths (git-fixes).
• nfc: rawsock: cancel tx_work before socket teardown (git-fixes).
• nouveau/dpcd: return EBUSY for aux xfer if the device is asleep (git-fixes).
• phy: ti: j721e-wiz: Fix device node reference leak in wiz_get_lane_phy_types() (git-fixes).
• pinctrl: equilibrium: fix warning trace on load (git-fixes).
• pinctrl: equilibrium: rename irq_chip function callbacks (stable-fixes).
• pinctrl: mediatek: common: Fix probe failure for devices without EINT (git-fixes).
• pinctrl: qcom: spmi-gpio: implement .get_direction() (git-fixes).
• platform/olpc: olpc-xo175-ec: Fix overflow error message to print inlen (git-fixes).
• platform/x86: ISST: Correct locked bit width (git-fixes).
• platform/x86: dell-wmi-sysman: Do not hex dump plaintext password data (git-fixes).
• platform/x86: dell-wmi: Add audio/mic mute key codes (stable-fixes).
• platform/x86: intel-hid: Add Dell 14 Plus 2-in-1 to dmi_vgbs_allow_list (stable-fixes).
• platform/x86: intel-hid: Enable 5-button array on ThinkPad X1 Fold 16 Gen 1 (stable-fixes).
• platform/x86: touchscreen_dmi: Add quirk for y-inverted Goodix touchscreen on SUPI S10 (stable-fixes).
• qmi_wwan: allow max_mtu above hard_mtu to control rx_urb_size (git-fixes).
• regmap: Synchronize cache for the page selector (git-fixes).
• regulator: pca9450: Correct interrupt type (git-fixes).
• regulator: pca9450: Make IRQ optional (stable-fixes).
• remoteproc: sysmon: Correct subsys_name_len type in QMI request (git-fixes).
• rename Hyper-v patch files to simplify further SP6-SP7 merges
• s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP (bsc#1254306).
• scsi: mpi3mr: Event processing debug improvement (bsc#1251186, bsc#1258832).
• scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT (git-fixes).
• scsi: storvsc: Remove redundant ternary operators (git-fixes).
• selftests/powerpc: Re-order *FLAGS to follow lib.mk (bsc#1261669).
• selftests/powerpc: Suppress -Wmaybe-uninitialized with GCC 15 (bsc#1261669).
• selftests/powerpc: make sub-folders buildable on their own (bsc#1261669).
• serial: 8250: Add late synchronize_irq() to shutdown to handle DW UART BUSY (git-fixes).
• serial: 8250: Fix TX deadlock when using DMA (git-fixes).
• serial: 8250_pci: add support for the AX99100 (stable-fixes).
• serial: uartlite: fix PM runtime usage count underflow on probe (git-fixes).
• soc: aspeed: socinfo: Mask table entries for accurate SoC ID matching (git-fixes).
• soc: fsl: qbman: fix race condition in qman_destroy_fq (git-fixes).
• spi: fix statistics allocation (git-fixes).
• spi: fix use-after-free on controller registration failure (git-fixes).
• spi: spi-fsl-lpspi: fix teardown order issue (UAF) (git-fixes).
• staging: rtl8723bs: properly validate the data in rtw_get_ie_ex() (stable-fixes).
• tg3: Fix race for querying speed/duplex (bsc#1257183).
• thunderbolt: Fix property read in nhi_wake_supported() (git-fixes).
• tools/hv: add a .gitignore file (git-fixes).
• tools/hv: reduce resouce usage in hv_get_dns_info helper (git-fixes).
• tools/hv: reduce resource usage in hv_kvp_daemon (git-fixes).
• tools: hv: Enable debug logs for hv_kvp_daemon (git-fixes).
• tools: hv: lsvmbus: change shebang to use python3 (git-fixes).
• usb/core/quirks: Add Huawei ME906S-device to wakeup quirk (stable-fixes).
• usb: cdc-acm: Restore CAP_BRK functionnality to CH343 (git-fixes).
• usb: cdns3: call cdns_power_is_lost() only once in cdns_resume() (stable-fixes).
• usb: cdns3: fix role switching during resume (git-fixes).
• usb: cdns3: gadget: fix NULL pointer dereference in ep_queue (git-fixes).
• usb: cdns3: gadget: fix state inconsistency on gadget init failure (git-fixes).
• usb: cdns3: remove redundant if branch (stable-fixes).
• usb: class: cdc-wdm: fix reordering issue in read code path (git-fixes).
• usb: core: do not power off roothub PHYs if phy_set_mode() fails (git-fixes).
• usb: dwc2: gadget: Fix spin_lock/unlock mismatch in dwc2_hsotg_udc_stop() (git-fixes).
• usb: dwc3: pci: add support for the Intel Nova Lake -H (stable-fixes).
• usb: ehci-brcm: fix sleep during atomic (git-fixes).
• usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks() (git-fixes).
• usb: gadget: f_rndis: Protect RNDIS options with mutex (git-fixes).
• usb: gadget: f_subset: Fix unbalanced refcnt in geth_free (git-fixes).
• usb: gadget: u_ether: Fix race between gether_disconnect and eth_stop (git-fixes).
• usb: gadget: uvc: fix NULL pointer dereference during unbind race (git-fixes).
• usb: image: mdc800: kill download URB on timeout (stable-fixes).
• usb: mdc800: handle signal and read racing (stable-fixes).
• usb: misc: uss720: properly clean up reference in uss720_probe() (stable-fixes).
• usb: renesas_usbhs: fix use-after-free in ISR during device removal (git-fixes).
• usb: roles: get usb role switch from parent only for usb-b-connector (git-fixes).
• usb: ulpi: fix double free in ulpi_register_interface() error path (git-fixes).
• usb: usbtmc: Flush anchored URBs in usbtmc_release (git-fixes).
• usb: xhci: Fix memory leak in xhci_disable_slot() (git-fixes).
• usb: xhci: Prevent interrupt storm on host controller error (HCE) (stable-fixes).
• usb: yurex: fix race in probe (stable-fixes).
• wifi: cfg80211: cancel pmsr_free_wk in cfg80211_pmsr_wdev_down (git-fixes).
• wifi: cw1200: Fix locking in error paths (git-fixes).
• wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl_mvm_nd_match_info_handler() (git-fixes).
• wifi: mac80211: Fix static_branch_dec() underflow for aql_disable (git-fixes).
• wifi: mac80211: fix NULL deref in mesh_matches_local() (git-fixes).
• wifi: mac80211: set default WMM parameters on all links (stable-fixes).
• wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211() (git-fixes).
• wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211() (git-fixes).
• wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211() (git-fixes).
• wifi: rsi: Do not default to -EOPNOTSUPP in rsi_mac80211_config (git-fixes).
• wifi: wilc1000: fix u8 overflow in SSID scan buffer size calculation (git-fixes).
• wifi: wlcore: Fix a locking bug (git-fixes).
• wifi: wlcore: Return -ENOMEM instead of -EAGAIN if there is not enough headroom (git-fixes).
• x86/platform/uv: Handle deconfigured sockets (bsc#1260347).
• xen/privcmd: unregister xenstore notifier on module exit (git-fixes).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-340=1

Package List:

• SUSE Linux Micro 6.1 (noarch)
  • kernel-source-6.4.0-41.1
  • kernel-macros-6.4.0-41.1
  • kernel-devel-6.4.0-41.1
• SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64 nosrc)
  • kernel-default-6.4.0-41.1
• SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
  • kernel-default-debuginfo-6.4.0-41.1
  • kernel-default-debugsource-6.4.0-41.1
  • kernel-default-devel-6.4.0-41.1
• SUSE Linux Micro 6.1 (aarch64 ppc64le x86_64)
  • kernel-default-base-6.4.0-41.1.21.18
• SUSE Linux Micro 6.1 (ppc64le x86_64)
  • kernel-default-devel-debuginfo-6.4.0-41.1
• SUSE Linux Micro 6.1 (s390x x86_64)
  • kernel-default-livepatch-6.4.0-41.1
• SUSE Linux Micro 6.1 (nosrc x86_64)
  • kernel-kvmsmall-6.4.0-41.1
• SUSE Linux Micro 6.1 (x86_64)
  • kernel-kvmsmall-debuginfo-6.4.0-41.1
  • kernel-kvmsmall-debugsource-6.4.0-41.1

References:

• https://www.suse.com/security/cve/CVE-2024-38542.html
• https://www.suse.com/security/cve/CVE-2025-39817.html
• https://www.suse.com/security/cve/CVE-2025-39998.html
• https://www.suse.com/security/cve/CVE-2025-40201.html
• https://www.suse.com/security/cve/CVE-2025-40253.html
• https://www.suse.com/security/cve/CVE-2025-68794.html
• https://www.suse.com/security/cve/CVE-2025-71066.html
• https://www.suse.com/security/cve/CVE-2025-71125.html
• https://www.suse.com/security/cve/CVE-2025-71231.html
• https://www.suse.com/security/cve/CVE-2025-71268.html
• https://www.suse.com/security/cve/CVE-2025-71269.html
• https://www.suse.com/security/cve/CVE-2026-23030.html
• https://www.suse.com/security/cve/CVE-2026-23047.html
• https://www.suse.com/security/cve/CVE-2026-23054.html
• https://www.suse.com/security/cve/CVE-2026-23069.html
• https://www.suse.com/security/cve/CVE-2026-23088.html
• https://www.suse.com/security/cve/CVE-2026-23103.html
• https://www.suse.com/security/cve/CVE-2026-23120.html
• https://www.suse.com/security/cve/CVE-2026-23125.html
• https://www.suse.com/security/cve/CVE-2026-23136.html
• https://www.suse.com/security/cve/CVE-2026-23140.html
• https://www.suse.com/security/cve/CVE-2026-23154.html
• https://www.suse.com/security/cve/CVE-2026-23157.html
• https://www.suse.com/security/cve/CVE-2026-23169.html
• https://www.suse.com/security/cve/CVE-2026-23187.html
• https://www.suse.com/security/cve/CVE-2026-23193.html
• https://www.suse.com/security/cve/CVE-2026-23201.html
• https://www.suse.com/security/cve/CVE-2026-23202.html
• https://www.suse.com/security/cve/CVE-2026-23204.html
• https://www.suse.com/security/cve/CVE-2026-23207.html
• https://www.suse.com/security/cve/CVE-2026-23216.html
• https://www.suse.com/security/cve/CVE-2026-23231.html
• https://www.suse.com/security/cve/CVE-2026-23242.html
• https://www.suse.com/security/cve/CVE-2026-23243.html
• https://www.suse.com/security/cve/CVE-2026-23255.html
• https://www.suse.com/security/cve/CVE-2026-23262.html
• https://www.suse.com/security/cve/CVE-2026-23270.html
• https://www.suse.com/security/cve/CVE-2026-23272.html
• https://www.suse.com/security/cve/CVE-2026-23274.html
• https://www.suse.com/security/cve/CVE-2026-23277.html
• https://www.suse.com/security/cve/CVE-2026-23278.html
• https://www.suse.com/security/cve/CVE-2026-23281.html
• https://www.suse.com/security/cve/CVE-2026-23292.html
• https://www.suse.com/security/cve/CVE-2026-23293.html
• https://www.suse.com/security/cve/CVE-2026-23304.html
• https://www.suse.com/security/cve/CVE-2026-23317.html
• https://www.suse.com/security/cve/CVE-2026-23319.html
• https://www.suse.com/security/cve/CVE-2026-23335.html
• https://www.suse.com/security/cve/CVE-2026-23343.html
• https://www.suse.com/security/cve/CVE-2026-23361.html
• https://www.suse.com/security/cve/CVE-2026-23379.html
• https://www.suse.com/security/cve/CVE-2026-23381.html
• https://www.suse.com/security/cve/CVE-2026-23383.html
• https://www.suse.com/security/cve/CVE-2026-23386.html
• https://www.suse.com/security/cve/CVE-2026-23395.html
• https://www.suse.com/security/cve/CVE-2026-23398.html
• https://www.suse.com/security/cve/CVE-2026-23412.html
• https://www.suse.com/security/cve/CVE-2026-23413.html
• https://www.suse.com/security/cve/CVE-2026-23414.html
• https://www.suse.com/security/cve/CVE-2026-23419.html
• https://www.suse.com/security/cve/CVE-2026-31788.html
• https://bugzilla.suse.com/show_bug.cgi?id=1226591
• https://bugzilla.suse.com/show_bug.cgi?id=1245728
• https://bugzilla.suse.com/show_bug.cgi?id=1249998
• https://bugzilla.suse.com/show_bug.cgi?id=1251135
• https://bugzilla.suse.com/show_bug.cgi?id=1251186
• https://bugzilla.suse.com/show_bug.cgi?id=1251971
• https://bugzilla.suse.com/show_bug.cgi?id=1252073
• https://bugzilla.suse.com/show_bug.cgi?id=1252266
• https://bugzilla.suse.com/show_bug.cgi?id=1253049
• https://bugzilla.suse.com/show_bug.cgi?id=1253455
• https://bugzilla.suse.com/show_bug.cgi?id=1254306
• https://bugzilla.suse.com/show_bug.cgi?id=1255084
• https://bugzilla.suse.com/show_bug.cgi?id=1256645
• https://bugzilla.suse.com/show_bug.cgi?id=1256647
• https://bugzilla.suse.com/show_bug.cgi?id=1256690
• https://bugzilla.suse.com/show_bug.cgi?id=1256784
• https://bugzilla.suse.com/show_bug.cgi?id=1257183
• https://bugzilla.suse.com/show_bug.cgi?id=1257466
• https://bugzilla.suse.com/show_bug.cgi?id=1257472
• https://bugzilla.suse.com/show_bug.cgi?id=1257473
• https://bugzilla.suse.com/show_bug.cgi?id=1257506
• https://bugzilla.suse.com/show_bug.cgi?id=1257561
• https://bugzilla.suse.com/show_bug.cgi?id=1257682
• https://bugzilla.suse.com/show_bug.cgi?id=1257732
• https://bugzilla.suse.com/show_bug.cgi?id=1257755
• https://bugzilla.suse.com/show_bug.cgi?id=1257773
• https://bugzilla.suse.com/show_bug.cgi?id=1257777
• https://bugzilla.suse.com/show_bug.cgi?id=1257814
• https://bugzilla.suse.com/show_bug.cgi?id=1257952
• https://bugzilla.suse.com/show_bug.cgi?id=1258280
• https://bugzilla.suse.com/show_bug.cgi?id=1258286
• https://bugzilla.suse.com/show_bug.cgi?id=1258293
• https://bugzilla.suse.com/show_bug.cgi?id=1258303
• https://bugzilla.suse.com/show_bug.cgi?id=1258305
• https://bugzilla.suse.com/show_bug.cgi?id=1258330
• https://bugzilla.suse.com/show_bug.cgi?id=1258337
• https://bugzilla.suse.com/show_bug.cgi?id=1258338
• https://bugzilla.suse.com/show_bug.cgi?id=1258340
• https://bugzilla.suse.com/show_bug.cgi?id=1258376
• https://bugzilla.suse.com/show_bug.cgi?id=1258389
• https://bugzilla.suse.com/show_bug.cgi?id=1258414
• https://bugzilla.suse.com/show_bug.cgi?id=1258424
• https://bugzilla.suse.com/show_bug.cgi?id=1258447
• https://bugzilla.suse.com/show_bug.cgi?id=1258524
• https://bugzilla.suse.com/show_bug.cgi?id=1258832
• https://bugzilla.suse.com/show_bug.cgi?id=1258849
• https://bugzilla.suse.com/show_bug.cgi?id=1259188
• https://bugzilla.suse.com/show_bug.cgi?id=1259461
• https://bugzilla.suse.com/show_bug.cgi?id=1259580
• https://bugzilla.suse.com/show_bug.cgi?id=1259707
• https://bugzilla.suse.com/show_bug.cgi?id=1259795
• https://bugzilla.suse.com/show_bug.cgi?id=1259797
• https://bugzilla.suse.com/show_bug.cgi?id=1259865
• https://bugzilla.suse.com/show_bug.cgi?id=1259870
• https://bugzilla.suse.com/show_bug.cgi?id=1259886
• https://bugzilla.suse.com/show_bug.cgi?id=1259889
• https://bugzilla.suse.com/show_bug.cgi?id=1259891
• https://bugzilla.suse.com/show_bug.cgi?id=1259997
• https://bugzilla.suse.com/show_bug.cgi?id=1259998
• https://bugzilla.suse.com/show_bug.cgi?id=1260005
• https://bugzilla.suse.com/show_bug.cgi?id=1260009
• https://bugzilla.suse.com/show_bug.cgi?id=1260347
• https://bugzilla.suse.com/show_bug.cgi?id=1260464
• https://bugzilla.suse.com/show_bug.cgi?id=1260471
• https://bugzilla.suse.com/show_bug.cgi?id=1260481
• https://bugzilla.suse.com/show_bug.cgi?id=1260486
• https://bugzilla.suse.com/show_bug.cgi?id=1260497
• https://bugzilla.suse.com/show_bug.cgi?id=1260500
• https://bugzilla.suse.com/show_bug.cgi?id=1260527
• https://bugzilla.suse.com/show_bug.cgi?id=1260544
• https://bugzilla.suse.com/show_bug.cgi?id=1260550
• https://bugzilla.suse.com/show_bug.cgi?id=1260562
• https://bugzilla.suse.com/show_bug.cgi?id=1260580
• https://bugzilla.suse.com/show_bug.cgi?id=1260730
• https://bugzilla.suse.com/show_bug.cgi?id=1260732
• https://bugzilla.suse.com/show_bug.cgi?id=1260735
• https://bugzilla.suse.com/show_bug.cgi?id=1260799
• https://bugzilla.suse.com/show_bug.cgi?id=1261412
• https://bugzilla.suse.com/show_bug.cgi?id=1261496
• https://bugzilla.suse.com/show_bug.cgi?id=1261498
• https://bugzilla.suse.com/show_bug.cgi?id=1261507
• https://bugzilla.suse.com/show_bug.cgi?id=1261669