Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2025:02249-1
Release Date:	2025-07-08T09:05:19Z
Rating:	important
References:	bsc#1151679 bsc#1151680 bsc#1151794 bsc#1151927 bsc#1210025 bsc#1211226 bsc#1215199 bsc#1218184 bsc#1223008 bsc#1228557 bsc#1228854 bsc#1232504 bsc#1232882 bsc#1235490 bsc#1235728 bsc#1236208 bsc#1237312 bsc#1237913 bsc#1238859 bsc#1238982 bsc#1240180 bsc#1240577 bsc#1240610 bsc#1240686 bsc#1240723 bsc#1240814 bsc#1240823 bsc#1241166 bsc#1241278 bsc#1241414 bsc#1241544 bsc#1241572 bsc#1241592 bsc#1241617 bsc#1242086 bsc#1242163 bsc#1242504 bsc#1242515 bsc#1242521 bsc#1242556 bsc#1242573 bsc#1242725 bsc#1242846 bsc#1242849 bsc#1242850 bsc#1242907 bsc#1242940 bsc#1242946 bsc#1242954 bsc#1242982 bsc#1243051 bsc#1243060 bsc#1243342 bsc#1243467 bsc#1243475 bsc#1243480 bsc#1243506 bsc#1243523 bsc#1243537 bsc#1243538 bsc#1243542 bsc#1243544 bsc#1243551 bsc#1243571 bsc#1243572 bsc#1243620 bsc#1243628 bsc#1243698 bsc#1243774 bsc#1243782 bsc#1243823 bsc#1243827 bsc#1243832 bsc#1243836 bsc#1243847 bsc#1244100 bsc#1244145 bsc#1244172 bsc#1244176 bsc#1244229 bsc#1244234 bsc#1244241 bsc#1244261 bsc#1244274 bsc#1244275 bsc#1244277 bsc#1244309 bsc#1244313 bsc#1244337 bsc#1244626 bsc#1244725 bsc#1244727 bsc#1244729 bsc#1244731 bsc#1244732 bsc#1244736 bsc#1244737 bsc#1244738 bsc#1244739 bsc#1244743 bsc#1244746 bsc#1244759 bsc#1244789 bsc#1244862 bsc#1244906 bsc#1244938 bsc#1244995 bsc#1244996 bsc#1244999 bsc#1245001 bsc#1245003 bsc#1245004 bsc#1245025 bsc#1245042 bsc#1245046 bsc#1245078 bsc#1245081 bsc#1245082 bsc#1245083 bsc#1245155 bsc#1245183 bsc#1245193 bsc#1245210 bsc#1245217 bsc#1245225 bsc#1245226 bsc#1245228 bsc#1245431 bsc#1245455 jsc#PED-10253 jsc#PED-12551
Cross-References:	CVE-2023-52888 CVE-2024-26831 CVE-2024-49568 CVE-2024-50106 CVE-2024-56613 CVE-2024-56699 CVE-2024-57982 CVE-2024-58053 CVE-2025-21658 CVE-2025-21720 CVE-2025-21868 CVE-2025-21898 CVE-2025-21899 CVE-2025-21920 CVE-2025-21938 CVE-2025-21959 CVE-2025-21997 CVE-2025-22035 CVE-2025-22083 CVE-2025-22111 CVE-2025-22113 CVE-2025-22120 CVE-2025-23155 CVE-2025-37738 CVE-2025-37743 CVE-2025-37752 CVE-2025-37756 CVE-2025-37757 CVE-2025-37786 CVE-2025-37800 CVE-2025-37801 CVE-2025-37811 CVE-2025-37844 CVE-2025-37859 CVE-2025-37862 CVE-2025-37865 CVE-2025-37874 CVE-2025-37884 CVE-2025-37909 CVE-2025-37917 CVE-2025-37921 CVE-2025-37923 CVE-2025-37927 CVE-2025-37933 CVE-2025-37936 CVE-2025-37938 CVE-2025-37945 CVE-2025-37946 CVE-2025-37961 CVE-2025-37967 CVE-2025-37968 CVE-2025-37973 CVE-2025-37987 CVE-2025-37992 CVE-2025-37994 CVE-2025-37995 CVE-2025-37997 CVE-2025-37998 CVE-2025-38000 CVE-2025-38001 CVE-2025-38003 CVE-2025-38004 CVE-2025-38005 CVE-2025-38007 CVE-2025-38009 CVE-2025-38010 CVE-2025-38011 CVE-2025-38013 CVE-2025-38014 CVE-2025-38015 CVE-2025-38018 CVE-2025-38020 CVE-2025-38022 CVE-2025-38023 CVE-2025-38024 CVE-2025-38027 CVE-2025-38031 CVE-2025-38040 CVE-2025-38043 CVE-2025-38044 CVE-2025-38045 CVE-2025-38053 CVE-2025-38057 CVE-2025-38059 CVE-2025-38060 CVE-2025-38065 CVE-2025-38068 CVE-2025-38072 CVE-2025-38077 CVE-2025-38078 CVE-2025-38079 CVE-2025-38080 CVE-2025-38081 CVE-2025-38083
CVSS scores:	CVE-2023-52888 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2023-52888 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-26831 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2024-26831 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-49568 ( SUSE ): 5.9 CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-49568 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H CVE-2024-50106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-50106 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-50106 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56613 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2024-56613 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2024-56613 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56699 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2024-56699 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2024-57982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-57982 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2024-58053 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21658 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21658 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21898 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21898 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21899 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21920 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2025-21938 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21959 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21959 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-21959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21997 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21997 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-22035 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2025-22035 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-22083 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-22083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-22111 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-22111 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-22113 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-22113 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2025-22120 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-22120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-23155 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37738 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-37738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37743 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-37743 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2025-37752 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-37756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37757 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37786 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37800 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-37800 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37800 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37801 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-37801 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37801 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37811 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-37811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37844 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37859 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-37859 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2025-37862 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-37862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37874 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37884 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-37884 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37909 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-37909 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2025-37917 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-37917 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37921 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N CVE-2025-37921 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N CVE-2025-37923 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N CVE-2025-37923 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N CVE-2025-37927 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N CVE-2025-37927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N CVE-2025-37933 ( SUSE ): 4.1 CVSS:4.0/AV:P/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-37933 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2025-37936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37961 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37968 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37987 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37992 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-37992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37994 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N CVE-2025-37994 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L CVE-2025-37995 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-37995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-37997 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-37997 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-37998 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-37998 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2025-38000 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38000 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-38001 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38001 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-38003 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38003 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2025-38004 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38004 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2025-38005 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38005 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2025-38007 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38009 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-38009 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2025-38010 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N CVE-2025-38010 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L CVE-2025-38011 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38013 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38013 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2025-38014 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38014 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2025-38015 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38018 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38020 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38020 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38022 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38022 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2025-38023 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38023 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38024 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38027 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38027 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2025-38031 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38031 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H CVE-2025-38040 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38040 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2025-38043 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N CVE-2025-38043 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N CVE-2025-38044 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N CVE-2025-38044 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N CVE-2025-38045 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-38045 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L CVE-2025-38053 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38057 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38057 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38059 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38059 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2025-38060 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38060 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-38065 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38065 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-38068 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38068 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2025-38072 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38072 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38077 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38078 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38078 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-38080 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38081 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38081 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:	openSUSE Leap 15.6 Public Cloud Module 15-SP6 SUSE Linux Enterprise Server 15 SP6 SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves 94 vulnerabilities, contains two features and has 35 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL (bsc#1228557).
• CVE-2024-49568: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (bsc#1235728).
• CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913).
• CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982).
• CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859).
• CVE-2025-21868: kABI workaround for adding an header (bsc#1240180).
• CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610).
• CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577).
• CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686).
• CVE-2025-21938: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr (bsc#1240723).
• CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814).
• CVE-2025-21997: xsk: fix an integer overflow in xp_create_and_assign_umem() (bsc#1240823).
• CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544).
• CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572).
• CVE-2025-22113: ext4: define ext4_journal_destroy wrapper (bsc#1241617).
• CVE-2025-23155: net: stmmac: Fix accessing freed irq affinity_hint (bsc#1242573).
• CVE-2025-37738: ext4: ignore xattrs past end (bsc#1242846).
• CVE-2025-37743: wifi: ath12k: Avoid memory leak while enabling statistics (bsc#1242163).
• CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).
• CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515).
• CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521).
• CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725).
• CVE-2025-37800: driver core: fix potential NULL pointer dereference in dev_uevent() (bsc#1242849).
• CVE-2025-37801: spi: spi-imx: Add check for spi_imx_setupxfer() (bsc#1242850).
• CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907).
• CVE-2025-37844: cifs: avoid NULL pointer dereference in dbg call (bsc#1242946).
• CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051).
• CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields (bsc#1242982).
• CVE-2025-37865: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported (bsc#1242954).
• CVE-2025-37874: net: ngbe: fix memory leak in ngbe_probe() error path (bsc#1242940).
• CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060).
• CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467).
• CVE-2025-37917: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll (bsc#1243475).
• CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480).
• CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551).
• CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620).
• CVE-2025-37933: octeon_ep: Fix host hang issue during device reboot (bsc#1243628).
• CVE-2025-37936: perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value (bsc#1243537).
• CVE-2025-37938: tracing: Verify event formats that have "%*p.." (bsc#1243544).
• CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538).
• CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523).
• CVE-2025-37967: usb: typec: ucsi: displayport: Fix deadlock (bsc#1243572).
• CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access (bsc#1243571).
• CVE-2025-37987: pds_core: Prevent possible adminq overflow/stuck condition (bsc#1243542).
• CVE-2025-37992: net_sched: Flush gso_skb list too during ->change() (bsc#1243698).
• CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827).
• CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832).
• CVE-2025-37998: openvswitch: Fix unsafe attribute parsing in output_userspace() (bsc#1243836).
• CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277).
• CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234).
• CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729).
• CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999).
• CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746).
• CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862).
• CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155).
• CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743).

The following non-security bugs were fixed:

• accel/qaic: Mask out SR-IOV PCI resources (stable-fixes).
• acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio() (git-fixes).
• ACPI: battery: negate current when discharging (stable-fixes).
• ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes).
• ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes).
• ACPI: HED: Always initialize before evged (stable-fixes).
• ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions" (git-fixes).
• ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list (stable-fixes).
• ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes).
• ACPICA: exserial: do not forget to handle FFixedHW opregions for reading (git-fixes).
• ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes).
• ACPICA: fix acpi parse and parseext cache leaks (stable-fixes).
• ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes).
• ACPICA: Utilities: Fix spelling mistake "Incremement" -> "Increment" (git-fixes).
• ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes).
• ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx (stable-fixes).
• ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10 (stable-fixes).
• ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes).
• ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7 (stable-fixes).
• ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes).
• ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes).
• ALSA: pcm: Fix race of buffer access at PCM OSS layer (stable-fixes).
• ALSA: seq: Improve data consistency at polling (stable-fixes).
• ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes).
• ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes).
• ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes).
• ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes).
• ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes).
• ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes).
• ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes).
• ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes).
• ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git-fixes).
• ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes).
• ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes).
• ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes).
• ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes).
• ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes).
• ALSA: usb-audio: Skip setting clock selector for single connections (stable-fixes).
• ALSA: usb-audio: Support multiple control interfaces (stable-fixes).
• ALSA: usb-audio: Support read-only clock selector control (stable-fixes).
• arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes)
• ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes).
• ASoC: apple: mca: Constrain channels according to TDM mask (git-fixes).
• ASoC: codecs: hda: Fix RPM usage count underflow (git-fixes).
• ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode (stable-fixes).
• ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of() (stable-fixes).
• ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX (git-fixes).
• ASoC: Intel: avs: Verify content returned by parse_int_array() (git-fixes).
• ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013 (stable-fixes).
• ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect (stable-fixes).
• ASoC: mediatek: mt8188: Add reference for dmic clocks (stable-fixes).
• ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile (stable-fixes).
• ASoC: meson: meson-card-utils: use of_property_present() for DT parsing (git-fixes).
• ASoC: ops: Enforce platform maximum on initial value (stable-fixes).
• ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params() (git-fixes).
• ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup() (stable-fixes).
• ASoC: rt722-sdca: Add some missing readable registers (stable-fixes).
• ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot() (stable-fixes).
• ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type (git-fixes).
• ASoC: sun4i-codec: support hp-det-gpios property (stable-fixes).
• ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG (stable-fixes).
• ASoC: tas2764: Enable main IRQs (git-fixes).
• ASoC: tas2764: Mark SW_RESET as volatile (stable-fixes).
• ASoC: tas2764: Power up/down amp on mute ops (stable-fixes).
• ASoC: tas2764: Reinit cache on part reset (git-fixes).
• ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes).
• ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes).
• ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes).
• ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes).
• ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes).
• backlight: pm8941: Add NULL check in wled_configure() (git-fixes).
• Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes).
• Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git-fixes).
• Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes).
• Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes).
• Bluetooth: hci_event: Fix not using key encryption size when its known (git-fixes).
• Bluetooth: hci_qca: move the SoC type check to the right place (git-fixes).
• Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes).
• Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes).
• Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes).
• Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION (git-fixes).
• Bluetooth: MGMT: Fix sparse errors (git-fixes).
• Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes).
• Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach() (git-fixes).
• Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes).
• Bluetooth: Remove pending ACL connection attempts (stable-fixes).
• bnxt: properly flush XDP redirect lists (git-fixes).
• bpf: Force uprobe bpf program to always return 0 (git-fixes).
• btrfs: fix fsync of files with no hard links not persisting deletion (git-fixes).
• btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes).
• btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes).
• btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes).
• btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes).
• btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes).
• bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device (git-fixes).
• bus: fsl-mc: fix double-free on mc_dev (git-fixes).
• bus: fsl-mc: fix GET/SET_TAILDROP command ids (git-fixes).
• bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes).
• bus: mhi: host: Fix conflict between power_up and SYSERR (git-fixes).
• calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes).
• can: c_can: Use of_property_present() to test existence of DT property (stable-fixes).
• can: tcan4x5x: fix power regulator retrieval during probe (git-fixes).
• ceph: allocate sparse_ext map only for sparse reads (git-fixes).
• ceph: Fix incorrect flush end position calculation (git-fixes).
• ceph: fix memory leaks in __ceph_sync_read() (git-fixes).
• cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166).
• clocksource: Fix brown-bag boolean thinko in (git-fixes)
• clocksource: Make watchdog and suspend-timing multiplication (git-fixes)
• crypto: lrw - Only add ecb if it is not already there (git-fixes).
• crypto: lzo - Fix compression buffer overrun (stable-fixes).
• crypto: marvell/cesa - Avoid empty transfer descriptor (git-fixes).
• crypto: marvell/cesa - Do not chain submitted requests (git-fixes).
• crypto: marvell/cesa - Handle zero-length skcipher requests (git-fixes).
• crypto: octeontx2 - suppress auth failure screaming due to negative tests (stable-fixes).
• crypto: qat - add shutdown handler to qat_420xx (git-fixes).
• crypto: qat - add shutdown handler to qat_4xxx (git-fixes).
• crypto: skcipher - Zap type in crypto_alloc_sync_skcipher (stable-fixes).
• crypto: sun8i-ce - move fallback ahash_request to the end of the struct (git-fixes).
• crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() (git-fixes).
• crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions (git-fixes).
• crypto: xts - Only add ecb if it is not already there (git-fixes).
• devlink: fix port dump cmd type (git-fixes).
• devlink: Fix referring to hw_addr attribute during state validation (git-fixes).
• dlm: mask sk_shutdown value (bsc#1228854).
• dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854).
• dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open (stable-fixes).
• dmaengine: ti: Add NULL check in udma_probe() (git-fixes).
• drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes).
• drm: Add valid clones check (stable-fixes).
• drm: bridge: adv7511: fill stream capabilities (stable-fixes).
• drm: rcar-du: Fix memory leak in rcar_du_vsps_init() (git-fixes).
• drm/amd/display: Add null pointer check for get_first_active_display() (git-fixes).
• drm/amd/display: Do not try AUX transactions on disconnected link (stable-fixes).
• drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch (stable-fixes).
• drm/amd/display: fix link_set_dpms_off multi-display MST corner case (stable-fixes).
• drm/amd/display: Guard against setting dispclk low for dcn31x (stable-fixes).
• drm/amd/display: Increase block_sequence array size (stable-fixes).
• drm/amd/display: Initial psr_version with correct setting (stable-fixes).
• drm/amd/display: remove minimum Dispclk and apply oem panel timing (stable-fixes).
• drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination (stable-fixes).
• drm/amd/display: Update CR AUX RD interval interpretation (stable-fixes).
• drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer() (stable-fixes).
• drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table (git-fixes).
• drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c (stable-fixes).
• drm/amdgpu: enlarge the VBIOS binary size limit (stable-fixes).
• drm/amdgpu: reset psp->cmd to NULL after releasing the buffer (stable-fixes).
• drm/amdgpu: Set snoop bit for SDMA for MI series (stable-fixes).
• drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes).
• drm/amdgpu: Update SRIOV video codec caps (stable-fixes).
• drm/amdkfd: KFD release_work possible circular locking (stable-fixes).
• drm/amdkfd: Set per-process flags only once cik/vi (stable-fixes).
• drm/ast: Find VBIOS mode from regular display size (stable-fixes).
• drm/ast: Fix comment on modeset lock (git-fixes).
• drm/atomic: clarify the rules around drm_atomic_state->allow_modeset (stable-fixes).
• drm/bridge: cdns-dsi: Check return value when getting default PHY config (git-fixes).
• drm/bridge: cdns-dsi: Fix connecting to next bridge (git-fixes).
• drm/bridge: cdns-dsi: Fix phy de-init and flag it so (git-fixes).
• drm/bridge: cdns-dsi: Fix the clock variable for mode_valid() (git-fixes).
• drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready (git-fixes).
• drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe() (git-fixes).
• drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes).
• drm/i915: fix build error some more (git-fixes).
• drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1 (git-fixes).
• drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes).
• drm/mediatek: Fix kobject put for component sub-drivers (git-fixes).
• drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence (stable-fixes).
• drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr (git-fixes).
• drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err (git-fixes).
• drm/msm/disp: Correct porch timing for SDM845 (git-fixes).
• drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes).
• drm/msm/gpu: Fix crash when throttling GPU immediately during boot (git-fixes).
• drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes).
• drm/panel-edp: Add Starry 116KHD024006 (stable-fixes).
• drm/panel: samsung-sofef00: Drop s6e3fc2x01 support (git-fixes).
• drm/rockchip: vop2: Add uv swap for cluster window (stable-fixes).
• drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes).
• drm/tegra: Assign plane type before registration (git-fixes).
• drm/tegra: Fix a possible null pointer dereference (git-fixes).
• drm/tegra: rgb: Fix the unbound reference count (git-fixes).
• drm/udl: Unregister device before cleaning up on disconnect (git-fixes).
• drm/v3d: Add clock handling (stable-fixes).
• drm/vc4: tests: Use return instead of assert (git-fixes).
• drm/vkms: Adjust vkms_state->active_planes allocation type (git-fixes).
• drm/vmwgfx: Add seqno waiter for sync_files (git-fixes).
• e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes).
• fbcon: Make sure modelist not set on unregistered console (stable-fixes).
• fbcon: Use correct erase colour for clearing in fbcon (stable-fixes).
• fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() (git-fixes).
• fbdev: core: tileblit: Implement missing margin clearing for tileblit (stable-fixes).
• fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
• fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (git-fixes).
• fbdev: fsl-diu-fb: add missing device_remove_file() (stable-fixes).
• fbdev/efifb: Remove PM for parent device (bsc#1244261).
• fgraph: Still initialize idle shadow stacks when starting (git-fixes).
• firmware: arm_ffa: Reject higher major version as incompatible (stable-fixes).
• firmware: arm_ffa: Set dma_mask for ffa devices (stable-fixes).
• firmware: arm_scmi: Relax duplicate name constraint across protocol ids (stable-fixes).
• firmware: psci: Fix refcount leak in psci_dt_init (git-fixes).
• firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes).
• fpga: altera-cvp: Increase credit timeout (stable-fixes).
• fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() (git-fixes).
• gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes).
• gpio: pca953x: fix IRQ storm on system wake up (git-fixes).
• gpio: pca953x: Simplify code with cleanup helpers (stable-fixes).
• gpio: pca953x: Split pca953x_restore_context() and pca953x_save_context() (stable-fixes).
• gpiolib: Revert "Do not WARN on gpiod_put() for optional GPIO" (stable-fixes).
• gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes).
• gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes).
• HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes).
• HID: quirks: Add ADATA XPG alpha wireless mouse support (stable-fixes).
• HID: usbkbd: Fix the bit shift number for LED_KANA (stable-fixes).
• HID: wacom: fix kobject reference count leak (git-fixes).
• HID: wacom: fix memory leak on kobject creation failure (git-fixes).
• HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes).
• hwmon: (asus-ec-sensors) check sensor index in read_string() (git-fixes).
• hwmon: (dell-smm) Increment the number of fans (stable-fixes).
• hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes).
• hwmon: (gpio-fan) Add missing mutex locks (stable-fixes).
• hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes).
• hwmon: (occ) fix unaligned accesses (git-fixes).
• hwmon: (occ) Rework attribute registration for stack usage (git-fixes).
• hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes).
• hwmon: (xgene-hwmon) use appropriate type for the latency value (stable-fixes).
• hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes).
• i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes).
• i2c: npcm: Add clock toggle recovery (stable-fixes).
• i2c: pxa: fix call balance of i2c->clk handling routines (stable-fixes).
• i2c: qup: Vote for interconnect bandwidth to DRAM (stable-fixes).
• i2c: robotfuzz-osif: disable zero-length read messages (git-fixes).
• i2c: tegra: check msg length in SMBUS block read (bsc#1242086)
• i2c: tiny-usb: disable zero-length read messages (git-fixes).
• i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work() (git-fixes).
• i3c: master: svc: Fix missing STOP for master request (stable-fixes).
• i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA) (stable-fixes).
• i40e: retry VFLR handling if there is ongoing VF reset (git-fixes).
• i40e: return false from i40e_reset_vf if reset is in progress (git-fixes).
• ice: create new Tx scheduler nodes for new queues only (git-fixes).
• ice: Fix LACP bonds without SRIOV environment (git-fixes).
• ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes).
• ice: fix Tx scheduler error handling in XDP callback (git-fixes).
• ice: fix vf->num_mac count with port representors (git-fixes).
• ieee802154: ca8210: Use proper setters and getters for bitwise types (stable-fixes).
• iio: accel: fxls8962af: Fix temperature scan element sign (git-fixes).
• iio: adc: ad7124: Fix 3dB filter frequency reading (git-fixes).
• iio: adc: ad7606_spi: fix reg write value mask (git-fixes).
• iio: filter: admv8818: fix band 4, state 15 (git-fixes).
• iio: filter: admv8818: fix integer overflow (git-fixes).
• iio: filter: admv8818: fix range calculation (git-fixes).
• iio: filter: admv8818: Support frequencies >= 2^32 (git-fixes).
• iio: imu: inv_icm42600: Fix temperature calculation (git-fixes).
• ima: process_measurement() needlessly takes inode_lock() on MAY_READ (stable-fixes).
• ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650).
• Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() (git-fixes).
• Input: ims-pcu - check record size in ims_pcu_flash_firmware() (git-fixes).
• Input: sparcspkr - avoid unannotated fall-through (stable-fixes).
• Input: xpad - add more controllers (stable-fixes).
• intel_th: avoid using deprecated page->mapping, index fields (stable-fixes).
• iommu: Protect against overflow in iommu_pgsize() (git-fixes).
• iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)
• iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100)
• ip_tunnel: annotate data-races around t->parms.link (git-fixes).
• ip6mr: fix tables suspicious RCU usage (git-fixes).
• ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function (git-fixes).
• ipmr: fix tables suspicious RCU usage (git-fixes).
• ipv4: Convert ip_route_input() to dscp_t (git-fixes).
• ipv4: Correct/silence an endian warning in __ip_do_redirect (git-fixes).
• ipv6: save dontfrag in cork (git-fixes).
• ipvs: Always clear ipvs_property flag in skb_scrub_packet() (git-fixes).
• isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774).
• jffs2: check jffs2_prealloc_raw_node_refs() result in few other places (git-fixes).
• jffs2: check that raw node were preallocated before writing summary (git-fixes).
• KVM: powerpc: Enable commented out BUILD_BUG_ON() assertion (bsc#1215199).
• KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225).
• leds: pwm-multicolor: Add check for fwnode_property_read_u32 (stable-fixes).
• loop: add file_start_write() and file_end_write() (git-fixes).
• mailbox: use error ret code of of_parse_phandle_with_args() (stable-fixes).
• md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes).
• media: adv7180: Disable test-pattern control on adv7180 (stable-fixes).
• media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe() (stable-fixes).
• media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case (git-fixes).
• media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div (git-fixes).
• media: ccs-pll: Start OP pre-PLL multiplier search from correct value (git-fixes).
• media: ccs-pll: Start VT pre-PLL multiplier search from correct value (git-fixes).
• media: cx231xx: set device_caps for 417 (stable-fixes).
• media: cxusb: no longer judge rbuf when the write fails (git-fixes).
• media: davinci: vpif: Fix memory leak in probe error path (git-fixes).
• media: gspca: Add error handling for stv06xx_read_sensor() (git-fixes).
• media: i2c: imx219: Correct the minimum vblanking value (stable-fixes).
• media: imx-jpeg: Cleanup after an allocation error (git-fixes).
• media: imx-jpeg: Drop the first error frames (git-fixes).
• media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead (git-fixes).
• media: imx-jpeg: Reset slot data pointers when freed (git-fixes).
• media: nxp: imx8-isi: better handle the m2m usage_count (git-fixes).
• media: omap3isp: use sgtable-based scatterlist wrappers (git-fixes).
• media: ov5675: suppress probe deferral errors (git-fixes).
• media: ov8856: suppress probe deferral errors (git-fixes).
• media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available (stable-fixes).
• media: rkvdec: Fix frame size enumeration (git-fixes).
• media: tc358746: improve calculation of the D-PHY timing registers (stable-fixes).
• media: test-drivers: vivid: do not call schedule in loop (stable-fixes).
• media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map (stable-fixes).
• media: uvcvideo: Fix deferred probing error (git-fixes).
• media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value (stable-fixes).
• media: uvcvideo: Return the number of processed controls (git-fixes).
• media: v4l: Memset argument to 0 before calling get_mbus_config pad op (stable-fixes).
• media: v4l2-dev: fix error handling in __video_register_device() (git-fixes).
• media: venus: Fix probe error handling (git-fixes).
• media: videobuf2: use sgtable-based scatterlist wrappers (git-fixes).
• media: vidtv: Terminating the subsequent process of initialization failure (git-fixes).
• media: vivid: Change the siize of the composing (git-fixes).
• mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove() (git-fixes).
• mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE (git-fixes).
• mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check (stable-fixes).
• mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337).
• mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551).
• mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431).
• mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431).
• mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551).
• mmc: Add quirk to disable DDR50 tuning (stable-fixes).
• mmc: dw_mmc: add exynos7870 DW MMC support (stable-fixes).
• mmc: host: Wait for Vdd to settle on card power off (stable-fixes).
• mmc: sdhci: Disable SD card clock before changing parameters (stable-fixes).
• mtd: nand: ecc-mxic: Fix use of uninitialized variable ret (git-fixes).
• mtd: nand: sunxi: Add randomizer configuration before randomizer enable (git-fixes).
• mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk (git-fixes).
• MyBS: Correctly generate build flags for non-multibuild package limit (bsc# 1244241) Fixes: 0999112774fc ("MyBS: Use buildflags to set which package to build")
• MyBS: Do not build kernel-obs-qa with limit_packages Fixes: 58e3f8c34b2b ("bs-upload-kernel: Pass limit_packages also on multibuild")
• MyBS: Simplify qa_expr generation Start with a 0 which makes the expression valid even if there are no QA repositories (currently does not happen). Then separator is always needed.
• neighbour: Do not let neigh_forced_gc() disable preemption for long (git-fixes).
• net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).
• net_sched: prio: fix a race in prio_tune() (git-fixes).
• net_sched: red: fix a race in __red_change() (git-fixes).
• net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312)
• net_sched: sch_sfq: reject invalid perturb period (git-fixes).
• net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
• net_sched: tbf: fix a race in tbf_change() (git-fixes).
• net: add rcu safety to rtnl_prop_list_size() (git-fixes).
• net: Fix TOCTOU issue in sk_is_readable() (git-fixes).
• net: fix udp gso skb_segment after pull from frag_list (git-fixes).
• net: give more chances to rcu in netdev_wait_allrefs_any() (git-fixes).
• net: ice: Perform accurate aRFS flow match (git-fixes).
• net: Implement missing getsockopt(SO_TIMESTAMPING_NEW) (git-fixes).
• net: ipv4: fix a memleak in ip_setup_cork (git-fixes).
• net: linkwatch: use system_unbound_wq (git-fixes).
• net: mana: Add support for Multi Vports on Bare metal (bsc#1244229).
• net: mana: Record doorbell physical address in PF mode (bsc#1244229).
• net: page_pool: fix warning code (git-fixes).
• net: phy: clear phydev->devlink when the link is deleted (git-fixes).
• net: phy: fix up const issues in to_mdio_device() and to_phy_device() (git-fixes).
• net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538)
• net: phy: mscc: Fix memory leak when using one step timestamping (git-fixes).
• net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames (git-fixes).
• net: sched: cls_u32: Fix allocation size in u32_init() (git-fixes).
• net: sched: consistently use rcu_replace_pointer() in taprio_change() (git-fixes).
• net: sched: em_text: fix possible memory leak in em_text_destroy() (git-fixes).
• net: sched: fix erspan_opt settings in cls_flower (git-fixes).
• net: usb: aqc111: debug info before sanitation (git-fixes).
• net: usb: aqc111: fix error handling of usbnet read calls (git-fixes).
• net: wwan: t7xx: Fix napi rx poll issue (git-fixes).
• net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes).
• net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes).
• net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes).
• net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes).
• net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes).
• net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes).
• net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes).
• net/mlx5: Fix return value when searching for existing flow group (git-fixes).
• net/mlx5e: Fix leak of Geneve TLV option object (git-fixes).
• net/neighbor: clear error in case strict check is not set (git-fixes).
• net/sched: fix use-after-free in taprio_dev_notifier (git-fixes).
• netdev-genl: Hold rcu_read_lock in napi_get (git-fixes).
• netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes).
• netlink: specs: dpll: replace underscores with dashes in names (git-fixes).
• netpoll: hold rcu read lock in __netpoll_send_skb() (git-fixes).
• netpoll: Use rcu_access_pointer() in __netpoll_setup (git-fixes).
• NFC: nci: uart: Set tty->disc_data only in success path (git-fixes).
• NFS: Do not allow waiting for exiting tasks (git-fixes).
• nfsd: Initialize ssc before laundromat_work to prevent NULL dereference (git-fixes).
• nfsd: Insulate nfsd4_encode_read_plus() from page boundaries in the encode buffer (git-fixes).
• nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes).
• nfsd: validate the nfsd_serv pointer before calling svc_wake_up (git-fixes).
• NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (git-fixes).
• NFSv4: Treat ENETUNREACH errors as fatal for state recovery (git-fixes).
• ntp: Clamp maxerror and esterror to operating range (git-fixes)
• ntp: Remove invalid cast in time offset math (git-fixes)
• ntp: Safeguard against time_constant overflow (git-fixes)
• nvme-fc: do not reference lsrsp after failure (bsc#1245193).
• nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes).
• nvme-pci: add quirks for device 126f:1001 (git-fixes).
• nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes).
• nvme: always punt polled uring_cmd end_io work to task_work (git-fixes).
• nvme: fix command limits status code (git-fixes).
• nvme: fix implicit bool to flags conversion (git-fixes).
• nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193).
• nvmet-fc: take tgtport refs for portentry (bsc#1245193).
• nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193).
• nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193).
• nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193).
• nvmet-fcloop: do not wait for lport cleanup (bsc#1245193).
• nvmet-fcloop: drop response if targetport is gone (bsc#1245193).
• nvmet-fcloop: prevent double port deletion (bsc#1245193).
• nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193).
• nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193).
• nvmet-fcloop: remove nport from list on last user (bsc#1245193).
• nvmet-fcloop: track ref counts for nports (bsc#1245193).
• nvmet-fcloop: update refs on tfcp_req (bsc#1245193).
• orangefs: Do not truncate file size (git-fixes).
• page_pool: Fix use-after-free in page_pool_recycle_in_ring (git-fixes).
• PCI: apple: Set only available ports up (git-fixes).
• PCI: apple: Use gpiod_set_value_cansleep in probe flow (git-fixes).
• PCI: brcmstb: Add a softdep to MIP MSI-X driver (stable-fixes).
• PCI: brcmstb: Expand inbound window size up to 64GB (stable-fixes).
• PCI: cadence-ep: Correct PBA offset in .set_msix() callback (git-fixes).
• PCI: cadence: Fix runtime atomic count underflow (git-fixes).
• PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit() (git-fixes).
• PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes).
• PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes).
• PCI: dwc: ep: Ensure proper iteration over outbound map windows (stable-fixes).
• PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes).
• PCI: Explicitly put devices into D0 when initializing (git-fixes).
• PCI: Fix lock symmetry in pci_slot_unlock() (git-fixes).
• PCI: Fix old_size lower bound in calculate_iosize() too (stable-fixes).
• PCI: vmd: Disable MSI remapping bypass under Xen (stable-fixes).
• PCI/DPC: Initialize aer_err_info before using it (git-fixes).
• PCI/DPC: Log Error Source ID only when valid (git-fixes).
• PCI/DPC: Use defines with DPC reason fields (git-fixes).
• PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes).
• PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes).
• phy: core: do not require set_mode() callback for phy_get_mode() to work (stable-fixes).
• phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug (git-fixes).
• phy: renesas: rcar-gen3-usb2: Add support to initialize the bus (stable-fixes).
• phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off (git-fixes).
• phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data (git-fixes).
• phy: renesas: rcar-gen3-usb2: Move IRQ request in probe (stable-fixes).
• pinctrl-tegra: Restore SFSEL bit when freeing pins (stable-fixes).
• pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes).
• pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes).
• pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes).
• pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes).
• pinctrl: armada-37xx: set GPIO output value before setting direction (git-fixes).
• pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31 (git-fixes).
• pinctrl: at91: Fix possible out-of-boundary access (git-fixes).
• pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned" (stable-fixes).
• pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map (stable-fixes).
• pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes).
• pinctrl: meson: define the pull up/down resistor value as 60 kOhm (stable-fixes).
• pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes).
• pinctrl: st: Drop unused st_gpio_bank() function (git-fixes).
• pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group() (git-fixes).
• platform/x86: dell_rbu: Fix list usage (git-fixes).
• platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes).
• platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (git-fixes).
• platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys (stable-fixes).
• platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes).
• platform/x86: thinkpad_acpi: Ignore battery threshold change event notification (stable-fixes).
• platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (git-fixes).
• platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS (stable-fixes).
• platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes).
• platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes).
• PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes).
• PM: sleep: Fix power.is_suspended cleanup for direct-complete devices (git-fixes).
• PM: sleep: Print PM debug messages during hibernation (git-fixes).
• PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks() (git-fixes).
• pNFS/flexfiles: Report ENETDOWN as a connection error (git-fixes).
• power: reset: at91-reset: Optimize at91_reset() (git-fixes).
• power: supply: bq27xxx: Retrieve again when busy (stable-fixes).
• power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes).
• powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199).
• powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790).
• powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states (bsc#1215199).
• powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790).
• pstore: Change kmsg_bytes storage size to u32 (git-fixes).
• ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() (git-fixes).
• r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes).
• RDMA/core: Fix best page size finding when it can cross SG entries (git-fixes)
• RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes)
• regulator: ad5398: Add device tree support (stable-fixes).
• regulator: max14577: Add error check for max14577_read_reg() (git-fixes).
• regulator: max20086: Change enable gpio to optional (git-fixes).
• regulator: max20086: Fix MAX200086 chip id (git-fixes).
• regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes).
• rtc: at91rm9200: drop unused module alias (git-fixes).
• rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes).
• rtc: cpcap: drop unused module alias (git-fixes).
• rtc: da9063: drop unused module alias (git-fixes).
• rtc: ds1307: stop disabling alarms on probe (stable-fixes).
• rtc: Fix offset calculation for .start_secs < 0 (git-fixes).
• rtc: jz4740: drop unused module alias (git-fixes).
• rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes).
• rtc: pm8xxx: drop unused module alias (git-fixes).
• rtc: rv3032: fix EERD location (stable-fixes).
• rtc: s3c: drop unused module alias (git-fixes).
• rtc: sh: assign correct interrupts with DT (git-fixes).
• rtc: stm32: drop unused module alias (git-fixes).
• s390/pci: Allow re-add of a reserved but not yet removed device (bsc#1244145).
• s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226).
• s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (git-fixes bsc#1244145).
• s390/pci: Fix potential double remove of hotplug slot (bsc#1244145).
• s390/pci: introduce lock to synchronize state of zpci_dev's (jsc#PED-10253 bsc#1244145).
• s390/pci: Prevent self deletion in disable_slot() (bsc#1244145).
• s390/pci: remove hotplug slot when releasing the device (bsc#1244145).
• s390/pci: Remove redundant bus removal and disable from zpci_release_device() (bsc#1244145).
• s390/pci: rename lock member in struct zpci_dev (jsc#PED-10253 bsc#1244145).
• s390/pci: Serialize device addition and removal (bsc#1244145).
• s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228).
• scsi: dc395x: Remove DEBUG conditional compilation (git-fixes).
• scsi: dc395x: Remove leftover if statement in reselect() (git-fixes).
• scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes).
• scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes).
• scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes).
• scsi: mpi3mr: Add level check to control event logging (git-fixes).
• scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes).
• scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes).
• scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes).
• scsi: st: ERASE does not change tape location (git-fixes).
• scsi: st: Restore some drive settings after reset (git-fixes).
• scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes).
• scsi: storvsc: Do not report the host packet status as the hv status (git-fixes).
• scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes).
• selftests/bpf: Fix bpf_nf selftest failure (git-fixes).
• selftests/mm: restore default nr_hugepages value during cleanup in hugetlb_reparenting_test.sh (git-fixes).
• selftests/net: have gro.sh -t return a correct exit code (stable-fixes).
• selftests/seccomp: fix syscall_restart test for arm compat (git-fixes).
• serial: Fix potential null-ptr-deref in mlb_usio_probe() (git-fixes).
• serial: imx: Restore original RXTL for console to fix data loss (git-fixes).
• serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes).
• serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes).
• serial: sh-sci: Save and restore more registers (git-fixes).
• serial: sh-sci: Update the suspend/resume support (stable-fixes).
• soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() (git-fixes).
• soc: aspeed: lpc: Fix impossible judgment condition (git-fixes).
• soc: qcom: smp2p: Fix fallback to qcom,ipc parse (git-fixes).
• soc: ti: k3-socinfo: Do not use syscon helper to build regmap (stable-fixes).
• soundwire: amd: change the soundwire wake enable/disable sequence (stable-fixes).
• spi-rockchip: Fix register out of bounds access (stable-fixes).
• spi: bcm63xx-hsspi: fix shared reset (git-fixes).
• spi: bcm63xx-spi: fix shared reset (git-fixes).
• spi: sh-msiof: Fix maximum DMA transfer size (git-fixes).
• spi: spi-sun4i: fix early activation (stable-fixes).
• spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers (git-fixes).
• spi: tegra210-quad: modify chip select (CS) deactivation (git-fixes).
• spi: tegra210-quad: remove redundant error handling code (git-fixes).
• spi: zynqmp-gqspi: Always acknowledge interrupts (stable-fixes).
• staging: iio: ad5933: Correct settling cycles encoding per datasheet (git-fixes).
• staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes).
• struct usci: hide additional member (git-fixes).
• SUNRPC: Do not allow waiting for exiting tasks (git-fixes).
• SUNRPC: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes).
• SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls (git-fixes).
• SUNRPC: rpc_clnt_set_transport() must not change the autobind setting (git-fixes).
• SUNRPC: rpcbind should never reset the port to the value '0' (git-fixes).
• tcp_metrics: optimize tcp_metrics_flush_all() (git-fixes).
• tcp: bring back NUMA dispersion in inet_ehash_locks_alloc() (git-fixes).
• tcp/dccp: allow a connection when sk_max_ack_backlog is zero (git-fixes).
• tcp/dccp: bypass empty buckets in inet_twsk_purge() (git-fixes).
• tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (git-fixes).
• thermal/drivers/qoriq: Power down TMU on system suspend (stable-fixes).
• thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer (stable-fixes).
• thunderbolt: Do not double dequeue a configuration request (stable-fixes).
• thunderbolt: Fix a logic error in wake on connect (git-fixes).
• timekeeping: Fix bogus clock_was_set() invocation in (git-fixes)
• timekeeping: Fix cross-timestamp interpolation corner case (git-fixes)
• timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes)
• timekeeping: Fix cross-timestamp interpolation on counter (git-fixes)
• trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes).
• tracing: Add __print_dynamic_array() helper (bsc#1243544).
• tracing: Add __string_len() example (bsc#1243544).
• tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes).
• tracing: Fix compilation warning on arm32 (bsc#1243551).
• tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes).
• tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes).
• ucsi_debugfs_entry: hide signedness change (git-fixes).
• udp: annotate data-races around up->pending (git-fixes).
• udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (git-fixes).
• udp: fix receiving fraglist GSO packets (git-fixes).
• udp: preserve the connected status if only UDP cmsg (git-fixes).
• uprobes: Use kzalloc to allocate xol area (git-fixes).
• usb: cdnsp: Fix issue with detecting command completion event (git-fixes).
• usb: cdnsp: Fix issue with detecting USB 3.2 speed (git-fixes).
• usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes).
• usb: Flush altsetting 0 endpoints before reinitializating them after reset (git-fixes).
• usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes).
• usb: renesas_usbhs: Reorder clock handling and power management in probe (git-fixes).
• usb: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes).
• usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes).
• usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx() (git-fixes).
• usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git-fixes).
• usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes).
• usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes).
• usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes).
• usb: typec: ucsi: Only enable supported notifications (git-fixes).
• usb: usbtmc: Fix read_stb function and get_stb ioctl (git-fixes).
• usb: usbtmc: Fix timeout value in get_stb (git-fixes).
• usb: xhci: Do not change the status of stalled TDs on failed Stop EP (stable-fixes).
• usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes).
• vgacon: Add check for vc_origin address range in vgacon_scroll() (git-fixes).
• VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (git-fixes).
• vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626).
• vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626).
• vmxnet3: update MTU after device quiesce (bsc#1244626).
• vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl() (git-fixes).
• watchdog: da9052_wdt: respect TWDMIN (stable-fixes).
• watchdog: exar: Shorten identity name to fit correctly (git-fixes).
• watchdog: fix watchdog may detect false positive of softlockup (stable-fixes).
• watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes).
• watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes).
• wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes).
• wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes).
• wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes).
• wifi: ath11k: do not wait when there is no vdev started (git-fixes).
• wifi: ath11k: fix node corruption in ar->arvifs list (git-fixes).
• wifi: ath11k: Fix QMI memory reuse logic (stable-fixes).
• wifi: ath11k: fix ring-buffer corruption (git-fixes).
• wifi: ath11k: fix rx completion meta data corruption (git-fixes).
• wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes).
• wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes).
• wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847).
• wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes).
• wifi: ath12k: Add MSDU length validation for TKIP MIC error (git-fixes).
• wifi: ath12k: Avoid napi_sync() before napi_enable() (stable-fixes).
• wifi: ath12k: fix a possible dead lock caused by ab->base_lock (stable-fixes).
• wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override (stable-fixes).
• wifi: ath12k: fix cleanup path after mhi init (git-fixes).
• wifi: ath12k: Fix end offset bit definition in monitor ring descriptor (stable-fixes).
• wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes).
• wifi: ath12k: fix incorrect CE addresses (stable-fixes).
• wifi: ath12k: fix invalid access to memory (git-fixes).
• wifi: ath12k: Fix invalid memory access while forming 802.11 header (git-fixes).
• wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes).
• wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes).
• wifi: ath12k: Fix memory leak during vdev_id mismatch (git-fixes).
• wifi: ath12k: fix node corruption in ar->arvifs list (git-fixes).
• wifi: ath12k: fix ring-buffer corruption (git-fixes).
• wifi: ath12k: Fix the QoS control field offset to build QoS header (git-fixes).
• wifi: ath12k: Fix WMI tag for EHT rate in peer assoc (git-fixes).
• wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band (stable-fixes).
• wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes).
• wifi: ath12k: Report proper tx completion status to mac80211 (stable-fixes).
• wifi: ath9k_htc: Abort software beacon handling if disabled (git-fixes).
• wifi: ath9k: return by of_get_mac_address (stable-fixes).
• wifi: carl9170: do not ping device which has failed to load firmware (git-fixes).
• wifi: iwlfiwi: mvm: Fix the rate reporting (git-fixes).
• wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes).
• wifi: iwlwifi: add support for Killer on MTL (stable-fixes).
• wifi: iwlwifi: fix debug actions order (stable-fixes).
• wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes).
• wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes).
• wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes).
• wifi: mac80211: do not unconditionally call drv_mgd_complete_tx() (stable-fixes).
• wifi: mac80211: fix beacon interval calculation overflow (git-fixes).
• wifi: mac80211: remove misplaced drv_mgd_complete_tx() call (stable-fixes).
• wifi: mac80211: VLAN traffic in multicast path (stable-fixes).
• wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes).
• wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() (git-fixes).
• wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes).
• wifi: mt76: mt7925: ensure all MCU commands wait for response (git-fixes).
• wifi: mt76: mt7925: fix host interrupt register initialization (git-fixes).
• wifi: mt76: mt7925: prevent multiple scan commands (git-fixes).
• wifi: mt76: mt7925: refine the sniffer commnad (git-fixes).
• wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes).
• wifi: mt76: mt7996: fix RX buffer size of MCU event (git-fixes).
• wifi: mt76: mt7996: revise TXS size (stable-fixes).
• wifi: mt76: mt7996: set EHT max ampdu length capability (git-fixes).
• wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2 (stable-fixes).
• wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() (git-fixes).
• wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723 (git-fixes).
• wifi: rtw88: do not ignore hardware read error during DPK (git-fixes).
• wifi: rtw88: Do not use static local variable in rtw8822b_set_tx_power_index_by_rate (stable-fixes).
• wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU (stable-fixes).
• wifi: rtw88: Fix download_firmware_validate() for RTL8814AU (stable-fixes).
• wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31 (stable-fixes).
• wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU (stable-fixes).
• wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU (stable-fixes).
• wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (git-fixes).
• wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally (git-fixes).
• wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT (git-fixes).
• wifi: rtw88: usb: Reduce control message timeout to 500 ms (git-fixes).
• wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet (stable-fixes).
• wifi: rtw89: fw: propagate error code from rtw89_h2c_tx() (stable-fixes).
• wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes).
• wifi: rtw89: pci: enlarge retry times of RX tag to 1000 (git-fixes).
• x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
• x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes).
• x86/microcode: Consolidate the loader enablement checking (git-fixes).
• x86/microcode/AMD: Add get_patch_level() (git-fixes).
• x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).
• x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
• x86/microcode/AMD: Make __verify_patch_size() return bool (git-fixes).
• x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).
• x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).
• x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
• x86/mm/init: Handle the special case of device private pages in add_pages(), to not increase max_pfn and trigger dma_addressing_limited() bounce buffers (git-fixes).
• x86/xen: fix balloon target initialization for PVH dom0 (git-fixes).
• xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes)
• xen/x86: fix initial memory balloon target (git-fixes).
• xsk: always clear DMA mapping information when unmapping the pool (git-fixes).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-2249=1 openSUSE-SLE-15.6-2025-2249=1
• Public Cloud Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-2249=1

Package List:

• openSUSE Leap 15.6 (noarch)
  • kernel-devel-azure-6.4.0-150600.8.43.1
  • kernel-source-azure-6.4.0-150600.8.43.1
• openSUSE Leap 15.6 (aarch64 x86_64)
  • kernel-syms-azure-6.4.0-150600.8.43.1
  • kernel-azure-extra-debuginfo-6.4.0-150600.8.43.1
  • dlm-kmp-azure-debuginfo-6.4.0-150600.8.43.1
  • kernel-azure-extra-6.4.0-150600.8.43.1
  • kernel-azure-optional-debuginfo-6.4.0-150600.8.43.1
  • reiserfs-kmp-azure-debuginfo-6.4.0-150600.8.43.1
  • reiserfs-kmp-azure-6.4.0-150600.8.43.1
  • gfs2-kmp-azure-debuginfo-6.4.0-150600.8.43.1
  • gfs2-kmp-azure-6.4.0-150600.8.43.1
  • dlm-kmp-azure-6.4.0-150600.8.43.1
  • kselftests-kmp-azure-debuginfo-6.4.0-150600.8.43.1
  • kernel-azure-debuginfo-6.4.0-150600.8.43.1
  • ocfs2-kmp-azure-6.4.0-150600.8.43.1
  • cluster-md-kmp-azure-debuginfo-6.4.0-150600.8.43.1
  • kselftests-kmp-azure-6.4.0-150600.8.43.1
  • cluster-md-kmp-azure-6.4.0-150600.8.43.1
  • ocfs2-kmp-azure-debuginfo-6.4.0-150600.8.43.1
  • kernel-azure-debugsource-6.4.0-150600.8.43.1
  • kernel-azure-devel-6.4.0-150600.8.43.1
  • kernel-azure-devel-debuginfo-6.4.0-150600.8.43.1
  • kernel-azure-optional-6.4.0-150600.8.43.1
• openSUSE Leap 15.6 (aarch64 nosrc x86_64)
  • kernel-azure-6.4.0-150600.8.43.1
• openSUSE Leap 15.6 (x86_64)
  • kernel-azure-vdso-debuginfo-6.4.0-150600.8.43.1
  • kernel-azure-vdso-6.4.0-150600.8.43.1
• Public Cloud Module 15-SP6 (aarch64 nosrc x86_64)
  • kernel-azure-6.4.0-150600.8.43.1
• Public Cloud Module 15-SP6 (aarch64 x86_64)
  • kernel-syms-azure-6.4.0-150600.8.43.1
  • kernel-azure-debugsource-6.4.0-150600.8.43.1
  • kernel-azure-devel-6.4.0-150600.8.43.1
  • kernel-azure-debuginfo-6.4.0-150600.8.43.1
  • kernel-azure-devel-debuginfo-6.4.0-150600.8.43.1
• Public Cloud Module 15-SP6 (noarch)
  • kernel-devel-azure-6.4.0-150600.8.43.1
  • kernel-source-azure-6.4.0-150600.8.43.1

References:

• https://www.suse.com/security/cve/CVE-2023-52888.html
• https://www.suse.com/security/cve/CVE-2024-26831.html
• https://www.suse.com/security/cve/CVE-2024-49568.html
• https://www.suse.com/security/cve/CVE-2024-50106.html
• https://www.suse.com/security/cve/CVE-2024-56613.html
• https://www.suse.com/security/cve/CVE-2024-56699.html
• https://www.suse.com/security/cve/CVE-2024-57982.html
• https://www.suse.com/security/cve/CVE-2024-58053.html
• https://www.suse.com/security/cve/CVE-2025-21658.html
• https://www.suse.com/security/cve/CVE-2025-21720.html
• https://www.suse.com/security/cve/CVE-2025-21868.html
• https://www.suse.com/security/cve/CVE-2025-21898.html
• https://www.suse.com/security/cve/CVE-2025-21899.html
• https://www.suse.com/security/cve/CVE-2025-21920.html
• https://www.suse.com/security/cve/CVE-2025-21938.html
• https://www.suse.com/security/cve/CVE-2025-21959.html
• https://www.suse.com/security/cve/CVE-2025-21997.html
• https://www.suse.com/security/cve/CVE-2025-22035.html
• https://www.suse.com/security/cve/CVE-2025-22083.html
• https://www.suse.com/security/cve/CVE-2025-22111.html
• https://www.suse.com/security/cve/CVE-2025-22113.html
• https://www.suse.com/security/cve/CVE-2025-22120.html
• https://www.suse.com/security/cve/CVE-2025-23155.html
• https://www.suse.com/security/cve/CVE-2025-37738.html
• https://www.suse.com/security/cve/CVE-2025-37743.html
• https://www.suse.com/security/cve/CVE-2025-37752.html
• https://www.suse.com/security/cve/CVE-2025-37756.html
• https://www.suse.com/security/cve/CVE-2025-37757.html
• https://www.suse.com/security/cve/CVE-2025-37786.html
• https://www.suse.com/security/cve/CVE-2025-37800.html
• https://www.suse.com/security/cve/CVE-2025-37801.html
• https://www.suse.com/security/cve/CVE-2025-37811.html
• https://www.suse.com/security/cve/CVE-2025-37844.html
• https://www.suse.com/security/cve/CVE-2025-37859.html
• https://www.suse.com/security/cve/CVE-2025-37862.html
• https://www.suse.com/security/cve/CVE-2025-37865.html
• https://www.suse.com/security/cve/CVE-2025-37874.html
• https://www.suse.com/security/cve/CVE-2025-37884.html
• https://www.suse.com/security/cve/CVE-2025-37909.html
• https://www.suse.com/security/cve/CVE-2025-37917.html
• https://www.suse.com/security/cve/CVE-2025-37921.html
• https://www.suse.com/security/cve/CVE-2025-37923.html
• https://www.suse.com/security/cve/CVE-2025-37927.html
• https://www.suse.com/security/cve/CVE-2025-37933.html
• https://www.suse.com/security/cve/CVE-2025-37936.html
• https://www.suse.com/security/cve/CVE-2025-37938.html
• https://www.suse.com/security/cve/CVE-2025-37945.html
• https://www.suse.com/security/cve/CVE-2025-37946.html
• https://www.suse.com/security/cve/CVE-2025-37961.html
• https://www.suse.com/security/cve/CVE-2025-37967.html
• https://www.suse.com/security/cve/CVE-2025-37968.html
• https://www.suse.com/security/cve/CVE-2025-37973.html
• https://www.suse.com/security/cve/CVE-2025-37987.html
• https://www.suse.com/security/cve/CVE-2025-37992.html
• https://www.suse.com/security/cve/CVE-2025-37994.html
• https://www.suse.com/security/cve/CVE-2025-37995.html
• https://www.suse.com/security/cve/CVE-2025-37997.html
• https://www.suse.com/security/cve/CVE-2025-37998.html
• https://www.suse.com/security/cve/CVE-2025-38000.html
• https://www.suse.com/security/cve/CVE-2025-38001.html
• https://www.suse.com/security/cve/CVE-2025-38003.html
• https://www.suse.com/security/cve/CVE-2025-38004.html
• https://www.suse.com/security/cve/CVE-2025-38005.html
• https://www.suse.com/security/cve/CVE-2025-38007.html
• https://www.suse.com/security/cve/CVE-2025-38009.html
• https://www.suse.com/security/cve/CVE-2025-38010.html
• https://www.suse.com/security/cve/CVE-2025-38011.html
• https://www.suse.com/security/cve/CVE-2025-38013.html
• https://www.suse.com/security/cve/CVE-2025-38014.html
• https://www.suse.com/security/cve/CVE-2025-38015.html
• https://www.suse.com/security/cve/CVE-2025-38018.html
• https://www.suse.com/security/cve/CVE-2025-38020.html
• https://www.suse.com/security/cve/CVE-2025-38022.html
• https://www.suse.com/security/cve/CVE-2025-38023.html
• https://www.suse.com/security/cve/CVE-2025-38024.html
• https://www.suse.com/security/cve/CVE-2025-38027.html
• https://www.suse.com/security/cve/CVE-2025-38031.html
• https://www.suse.com/security/cve/CVE-2025-38040.html
• https://www.suse.com/security/cve/CVE-2025-38043.html
• https://www.suse.com/security/cve/CVE-2025-38044.html
• https://www.suse.com/security/cve/CVE-2025-38045.html
• https://www.suse.com/security/cve/CVE-2025-38053.html
• https://www.suse.com/security/cve/CVE-2025-38057.html
• https://www.suse.com/security/cve/CVE-2025-38059.html
• https://www.suse.com/security/cve/CVE-2025-38060.html
• https://www.suse.com/security/cve/CVE-2025-38065.html
• https://www.suse.com/security/cve/CVE-2025-38068.html
• https://www.suse.com/security/cve/CVE-2025-38072.html
• https://www.suse.com/security/cve/CVE-2025-38077.html
• https://www.suse.com/security/cve/CVE-2025-38078.html
• https://www.suse.com/security/cve/CVE-2025-38079.html
• https://www.suse.com/security/cve/CVE-2025-38080.html
• https://www.suse.com/security/cve/CVE-2025-38081.html
• https://www.suse.com/security/cve/CVE-2025-38083.html
• https://bugzilla.suse.com/show_bug.cgi?id=1151679
• https://bugzilla.suse.com/show_bug.cgi?id=1151680
• https://bugzilla.suse.com/show_bug.cgi?id=1151794
• https://bugzilla.suse.com/show_bug.cgi?id=1151927
• https://bugzilla.suse.com/show_bug.cgi?id=1210025
• https://bugzilla.suse.com/show_bug.cgi?id=1211226
• https://bugzilla.suse.com/show_bug.cgi?id=1215199
• https://bugzilla.suse.com/show_bug.cgi?id=1218184
• https://bugzilla.suse.com/show_bug.cgi?id=1223008
• https://bugzilla.suse.com/show_bug.cgi?id=1228557
• https://bugzilla.suse.com/show_bug.cgi?id=1228854
• https://bugzilla.suse.com/show_bug.cgi?id=1232504
• https://bugzilla.suse.com/show_bug.cgi?id=1232882
• https://bugzilla.suse.com/show_bug.cgi?id=1235490
• https://bugzilla.suse.com/show_bug.cgi?id=1235728
• https://bugzilla.suse.com/show_bug.cgi?id=1236208
• https://bugzilla.suse.com/show_bug.cgi?id=1237312
• https://bugzilla.suse.com/show_bug.cgi?id=1237913
• https://bugzilla.suse.com/show_bug.cgi?id=1238859
• https://bugzilla.suse.com/show_bug.cgi?id=1238982
• https://bugzilla.suse.com/show_bug.cgi?id=1240180
• https://bugzilla.suse.com/show_bug.cgi?id=1240577
• https://bugzilla.suse.com/show_bug.cgi?id=1240610
• https://bugzilla.suse.com/show_bug.cgi?id=1240686
• https://bugzilla.suse.com/show_bug.cgi?id=1240723
• https://bugzilla.suse.com/show_bug.cgi?id=1240814
• https://bugzilla.suse.com/show_bug.cgi?id=1240823
• https://bugzilla.suse.com/show_bug.cgi?id=1241166
• https://bugzilla.suse.com/show_bug.cgi?id=1241278
• https://bugzilla.suse.com/show_bug.cgi?id=1241414
• https://bugzilla.suse.com/show_bug.cgi?id=1241544
• https://bugzilla.suse.com/show_bug.cgi?id=1241572
• https://bugzilla.suse.com/show_bug.cgi?id=1241592
• https://bugzilla.suse.com/show_bug.cgi?id=1241617
• https://bugzilla.suse.com/show_bug.cgi?id=1242086
• https://bugzilla.suse.com/show_bug.cgi?id=1242163
• https://bugzilla.suse.com/show_bug.cgi?id=1242504
• https://bugzilla.suse.com/show_bug.cgi?id=1242515
• https://bugzilla.suse.com/show_bug.cgi?id=1242521
• https://bugzilla.suse.com/show_bug.cgi?id=1242556
• https://bugzilla.suse.com/show_bug.cgi?id=1242573
• https://bugzilla.suse.com/show_bug.cgi?id=1242725
• https://bugzilla.suse.com/show_bug.cgi?id=1242846
• https://bugzilla.suse.com/show_bug.cgi?id=1242849
• https://bugzilla.suse.com/show_bug.cgi?id=1242850
• https://bugzilla.suse.com/show_bug.cgi?id=1242907
• https://bugzilla.suse.com/show_bug.cgi?id=1242940
• https://bugzilla.suse.com/show_bug.cgi?id=1242946
• https://bugzilla.suse.com/show_bug.cgi?id=1242954
• https://bugzilla.suse.com/show_bug.cgi?id=1242982
• https://bugzilla.suse.com/show_bug.cgi?id=1243051
• https://bugzilla.suse.com/show_bug.cgi?id=1243060
• https://bugzilla.suse.com/show_bug.cgi?id=1243342
• https://bugzilla.suse.com/show_bug.cgi?id=1243467
• https://bugzilla.suse.com/show_bug.cgi?id=1243475
• https://bugzilla.suse.com/show_bug.cgi?id=1243480
• https://bugzilla.suse.com/show_bug.cgi?id=1243506
• https://bugzilla.suse.com/show_bug.cgi?id=1243523
• https://bugzilla.suse.com/show_bug.cgi?id=1243537
• https://bugzilla.suse.com/show_bug.cgi?id=1243538
• https://bugzilla.suse.com/show_bug.cgi?id=1243542
• https://bugzilla.suse.com/show_bug.cgi?id=1243544
• https://bugzilla.suse.com/show_bug.cgi?id=1243551
• https://bugzilla.suse.com/show_bug.cgi?id=1243571
• https://bugzilla.suse.com/show_bug.cgi?id=1243572
• https://bugzilla.suse.com/show_bug.cgi?id=1243620
• https://bugzilla.suse.com/show_bug.cgi?id=1243628
• https://bugzilla.suse.com/show_bug.cgi?id=1243698
• https://bugzilla.suse.com/show_bug.cgi?id=1243774
• https://bugzilla.suse.com/show_bug.cgi?id=1243782
• https://bugzilla.suse.com/show_bug.cgi?id=1243823
• https://bugzilla.suse.com/show_bug.cgi?id=1243827
• https://bugzilla.suse.com/show_bug.cgi?id=1243832
• https://bugzilla.suse.com/show_bug.cgi?id=1243836
• https://bugzilla.suse.com/show_bug.cgi?id=1243847
• https://bugzilla.suse.com/show_bug.cgi?id=1244100
• https://bugzilla.suse.com/show_bug.cgi?id=1244145
• https://bugzilla.suse.com/show_bug.cgi?id=1244172
• https://bugzilla.suse.com/show_bug.cgi?id=1244176
• https://bugzilla.suse.com/show_bug.cgi?id=1244229
• https://bugzilla.suse.com/show_bug.cgi?id=1244234
• https://bugzilla.suse.com/show_bug.cgi?id=1244241
• https://bugzilla.suse.com/show_bug.cgi?id=1244261
• https://bugzilla.suse.com/show_bug.cgi?id=1244274
• https://bugzilla.suse.com/show_bug.cgi?id=1244275
• https://bugzilla.suse.com/show_bug.cgi?id=1244277
• https://bugzilla.suse.com/show_bug.cgi?id=1244309
• https://bugzilla.suse.com/show_bug.cgi?id=1244313
• https://bugzilla.suse.com/show_bug.cgi?id=1244337
• https://bugzilla.suse.com/show_bug.cgi?id=1244626
• https://bugzilla.suse.com/show_bug.cgi?id=1244725
• https://bugzilla.suse.com/show_bug.cgi?id=1244727
• https://bugzilla.suse.com/show_bug.cgi?id=1244729
• https://bugzilla.suse.com/show_bug.cgi?id=1244731
• https://bugzilla.suse.com/show_bug.cgi?id=1244732
• https://bugzilla.suse.com/show_bug.cgi?id=1244736
• https://bugzilla.suse.com/show_bug.cgi?id=1244737
• https://bugzilla.suse.com/show_bug.cgi?id=1244738
• https://bugzilla.suse.com/show_bug.cgi?id=1244739
• https://bugzilla.suse.com/show_bug.cgi?id=1244743
• https://bugzilla.suse.com/show_bug.cgi?id=1244746
• https://bugzilla.suse.com/show_bug.cgi?id=1244759
• https://bugzilla.suse.com/show_bug.cgi?id=1244789
• https://bugzilla.suse.com/show_bug.cgi?id=1244862
• https://bugzilla.suse.com/show_bug.cgi?id=1244906
• https://bugzilla.suse.com/show_bug.cgi?id=1244938
• https://bugzilla.suse.com/show_bug.cgi?id=1244995
• https://bugzilla.suse.com/show_bug.cgi?id=1244996
• https://bugzilla.suse.com/show_bug.cgi?id=1244999
• https://bugzilla.suse.com/show_bug.cgi?id=1245001
• https://bugzilla.suse.com/show_bug.cgi?id=1245003
• https://bugzilla.suse.com/show_bug.cgi?id=1245004
• https://bugzilla.suse.com/show_bug.cgi?id=1245025
• https://bugzilla.suse.com/show_bug.cgi?id=1245042
• https://bugzilla.suse.com/show_bug.cgi?id=1245046
• https://bugzilla.suse.com/show_bug.cgi?id=1245078
• https://bugzilla.suse.com/show_bug.cgi?id=1245081
• https://bugzilla.suse.com/show_bug.cgi?id=1245082
• https://bugzilla.suse.com/show_bug.cgi?id=1245083
• https://bugzilla.suse.com/show_bug.cgi?id=1245155
• https://bugzilla.suse.com/show_bug.cgi?id=1245183
• https://bugzilla.suse.com/show_bug.cgi?id=1245193
• https://bugzilla.suse.com/show_bug.cgi?id=1245210
• https://bugzilla.suse.com/show_bug.cgi?id=1245217
• https://bugzilla.suse.com/show_bug.cgi?id=1245225
• https://bugzilla.suse.com/show_bug.cgi?id=1245226
• https://bugzilla.suse.com/show_bug.cgi?id=1245228
• https://bugzilla.suse.com/show_bug.cgi?id=1245431
• https://bugzilla.suse.com/show_bug.cgi?id=1245455
• https://jira.suse.com/browse/PED-10253
• https://jira.suse.com/browse/PED-12551