Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2025:03602-1
Release Date:	2025-10-15T12:57:25Z
Rating:	important
References:	bsc#1012628 bsc#1213545 bsc#1215199 bsc#1221858 bsc#1222323 bsc#1230557 bsc#1230708 bsc#1233120 bsc#1234156 bsc#1236897 bsc#1240708 bsc#1240890 bsc#1241166 bsc#1241292 bsc#1241353 bsc#1241866 bsc#1242034 bsc#1242754 bsc#1242960 bsc#1244734 bsc#1244930 bsc#1245663 bsc#1245710 bsc#1245767 bsc#1245780 bsc#1245815 bsc#1245956 bsc#1245973 bsc#1245977 bsc#1246005 bsc#1246012 bsc#1246181 bsc#1246190 bsc#1246193 bsc#1246248 bsc#1246509 bsc#1247057 bsc#1247078 bsc#1247099 bsc#1247112 bsc#1247116 bsc#1247119 bsc#1247126 bsc#1247136 bsc#1247137 bsc#1247155 bsc#1247162 bsc#1247167 bsc#1247223 bsc#1247229 bsc#1247239 bsc#1247262 bsc#1247280 bsc#1247313 bsc#1247442 bsc#1247976 bsc#1248088 bsc#1248108 bsc#1248111 bsc#1248121 bsc#1248164 bsc#1248166 bsc#1248178 bsc#1248179 bsc#1248180 bsc#1248183 bsc#1248186 bsc#1248192 bsc#1248194 bsc#1248196 bsc#1248198 bsc#1248199 bsc#1248200 bsc#1248202 bsc#1248205 bsc#1248206 bsc#1248208 bsc#1248209 bsc#1248212 bsc#1248213 bsc#1248214 bsc#1248216 bsc#1248217 bsc#1248223 bsc#1248225 bsc#1248227 bsc#1248228 bsc#1248229 bsc#1248240 bsc#1248255 bsc#1248296 bsc#1248297 bsc#1248306 bsc#1248312 bsc#1248333 bsc#1248334 bsc#1248337 bsc#1248338 bsc#1248340 bsc#1248341 bsc#1248345 bsc#1248349 bsc#1248350 bsc#1248354 bsc#1248355 bsc#1248357 bsc#1248360 bsc#1248361 bsc#1248363 bsc#1248365 bsc#1248368 bsc#1248374 bsc#1248377 bsc#1248378 bsc#1248380 bsc#1248386 bsc#1248390 bsc#1248392 bsc#1248395 bsc#1248399 bsc#1248401 bsc#1248511 bsc#1248573 bsc#1248575 bsc#1248577 bsc#1248609 bsc#1248610 bsc#1248614 bsc#1248617 bsc#1248619 bsc#1248621 bsc#1248622 bsc#1248626 bsc#1248628 bsc#1248634 bsc#1248636 bsc#1248639 bsc#1248643 bsc#1248647 bsc#1248648 bsc#1248652 bsc#1248655 bsc#1248666 bsc#1248669 bsc#1248674 bsc#1248681 bsc#1248733 bsc#1248734 bsc#1248735 bsc#1248746 bsc#1248748 bsc#1248775 bsc#1249022 bsc#1249122 bsc#1249123 bsc#1249124 bsc#1249125 bsc#1249126 bsc#1249143 bsc#1249163 bsc#1249172 bsc#1249176 bsc#1249186 bsc#1249199 bsc#1249202 bsc#1249206 bsc#1249258 bsc#1249262 bsc#1249284 bsc#1249290 bsc#1249295 bsc#1249305 bsc#1249315 bsc#1249334 bsc#1249346 bsc#1249374 bsc#1249481 bsc#1249482 bsc#1249488 bsc#1249504 bsc#1249516 bsc#1249526 bsc#1249604 bsc#1250057 bsc#1250336 jsc#PED-13343 jsc#PED-13345
Cross-References:	CVE-2023-3867 CVE-2023-4130 CVE-2023-4515 CVE-2024-26661 CVE-2024-46733 CVE-2024-53125 CVE-2024-58238 CVE-2024-58239 CVE-2025-22022 CVE-2025-37885 CVE-2025-38006 CVE-2025-38075 CVE-2025-38103 CVE-2025-38125 CVE-2025-38146 CVE-2025-38160 CVE-2025-38184 CVE-2025-38185 CVE-2025-38190 CVE-2025-38201 CVE-2025-38205 CVE-2025-38208 CVE-2025-38245 CVE-2025-38251 CVE-2025-38255 CVE-2025-38263 CVE-2025-38360 CVE-2025-38402 CVE-2025-38408 CVE-2025-38418 CVE-2025-38419 CVE-2025-38439 CVE-2025-38441 CVE-2025-38444 CVE-2025-38445 CVE-2025-38456 CVE-2025-38458 CVE-2025-38459 CVE-2025-38464 CVE-2025-38466 CVE-2025-38472 CVE-2025-38488 CVE-2025-38491 CVE-2025-38499 CVE-2025-38500 CVE-2025-38503 CVE-2025-38506 CVE-2025-38510 CVE-2025-38512 CVE-2025-38513 CVE-2025-38514 CVE-2025-38515 CVE-2025-38516 CVE-2025-38520 CVE-2025-38524 CVE-2025-38526 CVE-2025-38527 CVE-2025-38528 CVE-2025-38529 CVE-2025-38530 CVE-2025-38531 CVE-2025-38533 CVE-2025-38535 CVE-2025-38537 CVE-2025-38538 CVE-2025-38540 CVE-2025-38541 CVE-2025-38543 CVE-2025-38544 CVE-2025-38546 CVE-2025-38548 CVE-2025-38550 CVE-2025-38553 CVE-2025-38555 CVE-2025-38556 CVE-2025-38560 CVE-2025-38563 CVE-2025-38565 CVE-2025-38566 CVE-2025-38568 CVE-2025-38571 CVE-2025-38572 CVE-2025-38574 CVE-2025-38576 CVE-2025-38581 CVE-2025-38582 CVE-2025-38583 CVE-2025-38585 CVE-2025-38587 CVE-2025-38588 CVE-2025-38590 CVE-2025-38591 CVE-2025-38593 CVE-2025-38595 CVE-2025-38597 CVE-2025-38601 CVE-2025-38602 CVE-2025-38604 CVE-2025-38605 CVE-2025-38608 CVE-2025-38609 CVE-2025-38610 CVE-2025-38612 CVE-2025-38614 CVE-2025-38617 CVE-2025-38618 CVE-2025-38621 CVE-2025-38622 CVE-2025-38623 CVE-2025-38624 CVE-2025-38630 CVE-2025-38632 CVE-2025-38634 CVE-2025-38635 CVE-2025-38639 CVE-2025-38640 CVE-2025-38643 CVE-2025-38644 CVE-2025-38645 CVE-2025-38646 CVE-2025-38650 CVE-2025-38656 CVE-2025-38659 CVE-2025-38660 CVE-2025-38663 CVE-2025-38664 CVE-2025-38665 CVE-2025-38668 CVE-2025-38670 CVE-2025-38671 CVE-2025-38676 CVE-2025-38678 CVE-2025-38679 CVE-2025-38701 CVE-2025-38705 CVE-2025-38709 CVE-2025-38721 CVE-2025-38722 CVE-2025-38730 CVE-2025-38732 CVE-2025-39678 CVE-2025-39682 CVE-2025-39691 CVE-2025-39703 CVE-2025-39705 CVE-2025-39718 CVE-2025-39746 CVE-2025-39773 CVE-2025-39782
CVSS scores:	CVE-2023-4130 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2023-4130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-4515 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2023-4515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-26661 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-26661 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-46733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-46733 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-53125 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-53125 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-58238 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-58238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-58239 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-58239 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-22022 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-22022 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2025-37885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38006 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38006 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2025-38075 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38103 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-38103 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2025-38125 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38125 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38146 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38146 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-38160 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38160 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38184 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38185 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38190 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38190 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38201 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38205 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38208 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38208 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38245 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38245 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38251 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38251 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38255 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38255 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38263 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38263 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38360 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38360 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38402 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38402 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38408 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38408 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2025-38418 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38418 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38419 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38419 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38439 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-38439 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2025-38441 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38441 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2025-38444 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38444 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38445 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38445 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38456 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38456 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2025-38458 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38458 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38459 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38459 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38464 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38464 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2025-38466 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L CVE-2025-38472 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38472 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38488 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38488 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-38491 ( SUSE ): 2.3 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N CVE-2025-38491 ( SUSE ): 5.0 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L CVE-2025-38499 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H CVE-2025-38499 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H CVE-2025-38500 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38500 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-38500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-38503 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38503 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38506 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-38506 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2025-38510 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38510 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38512 ( SUSE ): 6.9 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N CVE-2025-38512 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2025-38513 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38513 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38514 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38514 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38515 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38515 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38516 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38516 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38520 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38520 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38524 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38526 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38526 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38527 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38527 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2025-38528 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-38528 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2025-38529 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38529 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H CVE-2025-38530 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38530 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H CVE-2025-38531 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38531 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2025-38533 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38533 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2025-38535 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38535 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38537 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38537 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38538 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38538 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38540 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38540 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38541 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38541 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38543 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38543 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38544 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38544 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38546 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38546 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38548 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38548 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38550 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38550 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38553 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38553 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38555 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38555 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-38556 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38556 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2025-38560 ( SUSE ): 5.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H CVE-2025-38560 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H CVE-2025-38563 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H CVE-2025-38565 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-38565 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2025-38566 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38566 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2025-38568 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38568 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2025-38571 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38571 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2025-38572 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38572 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2025-38574 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38574 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2025-38576 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38576 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38581 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38581 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38582 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38582 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2025-38583 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38585 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38585 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-38587 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38587 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38588 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38588 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-38590 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38590 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38591 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-38591 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L CVE-2025-38593 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38593 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38595 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38595 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38597 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38597 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38601 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38602 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38604 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38604 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2025-38605 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38605 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38608 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38608 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2025-38609 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38610 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38610 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38612 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38614 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38614 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38617 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38617 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-38618 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38618 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-38621 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38622 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38622 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38623 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-38623 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2025-38624 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38624 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38630 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38632 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38632 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38634 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38634 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38635 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38639 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38639 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H CVE-2025-38640 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2025-38640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38643 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38643 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38644 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38644 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-38645 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38646 ( SUSE ): 6.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38646 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-38650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38656 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38656 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38659 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38659 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVE-2025-38660 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-38665 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38668 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38676 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38676 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H CVE-2025-38678 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVE-2025-38679 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38679 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38701 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38701 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38705 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-38705 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38709 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-38709 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2025-38721 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38722 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-38732 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-38732 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2025-39678 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-39682 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H CVE-2025-39691 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H CVE-2025-39703 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-39705 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-39705 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-39718 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-39746 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-39746 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H CVE-2025-39773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-39782 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-39782 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:	Confidential Computing Module 15-SP6 SUSE Linux Enterprise Server 15 SP6 SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves 149 vulnerabilities, contains two features and has 36 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).
CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).
CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).
CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).
CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).
CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).
CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (bsc#1249290).
CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).
CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).
CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).
CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).
CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).
CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).
CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).
CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).
CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data (bsc#1248647).
CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).
CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).
CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).
CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).
CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).
CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).
CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).
CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (bsc#1248334).
CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (bsc#1248378).
CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).
CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).
CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).
CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).
CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).
CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).
CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (bsc#1248088).
CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442).
CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).
CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (bsc#1247167).
CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (bsc#1247136).
CVE-2025-38418: remoteproc: core: Release rproc->clean_table after rproc_attach() fails (bsc#1247137).
CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).
CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).
CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
CVE-2025-37885: KVM: x86: Reset IRTE to host control if new route isn't postable (bsc#1242960).
CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).
CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).

The following non-security bugs were fixed:

ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).
ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes).
ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes).
ACPI: pfr_update: Fix the driver update version check (git-fixes).
ACPI: processor: fix acpi_object initialization (stable-fixes).
ACPI: processor: perflib: Move problematic pr->performance check (git-fixes).
ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes).
ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes).
ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-fixes).
ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes).
ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes).
ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-fixes).
ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes).
ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes).
ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes).
ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes).
ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes).
ALSA: hda: Disable jack polling at shutdown (stable-fixes).
ALSA: hda: Handle the jack polling always via a work (stable-fixes).
ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes).
ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes).
ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes).
ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes).
ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes).
ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes).
ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes).
ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes).
ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes).
ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes).
ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes).
ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes).
ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes).
ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes).
ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes).
ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes).
ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes).
ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes).
ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes).
ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes).
ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes).
ASoC: wm8940: Correct PLL rate rounding (git-fixes).
ASoC: wm8940: Correct typo in control name (git-fixes).
ASoC: wm8974: Correct PLL rate rounding (git-fixes).
Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes).
Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes).
Bluetooth: compute LE flow credits based on recvbuf space (git-fixes).
Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes).
Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes).
Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes).
Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes).
Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes).
Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes).
Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes).
Bluetooth: hci_sync: fix set_local_name race condition (git-fixes).
Bluetooth: qca: fix invalid device address check (git-fixes).
Bluetooth: qca: fix wcn3991 device address check (git-fixes).
Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes).
HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (stable-fixes).
HID: input: rename hidinput_set_battery_charge_status() (stable-fixes).
HID: input: report battery status changes immediately (git-fixes).
HID: mcp2221: Do not set bus speed on every transfer (stable-fixes).
HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).
HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes).
HID: quirks: add support for Legion Go dual dinput modes (stable-fixes).
HID: wacom: Add a new Art Pen 2 (stable-fixes).
IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)
Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes).
Input: iqs7222 - avoid enabling unused interrupts (stable-fixes).
KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes bsc#1250336).
Limit patch filenames to 100 characters (bsc#1249604).
Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108).
NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).
NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes).
NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-fixes).
NFSv4: Do not clear capabilities that won't be reset (git-fixes).
PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes).
PCI: Add ACS quirk for Loongson PCIe (git-fixes).
PCI: Drop PCI patches that broke kdump capture boot (bsc#1246509)
PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes).
PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (git-fixes).
PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199).
PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes).
PCI: rockchip: Use standard PCIe definitions (git-fixes).
PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes).
PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes).
PM: sleep: console: Fix the black screen issue (stable-fixes).
RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
RAS/AMD/FMPM: Get masked address (bsc#1242034).
RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)
RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)
RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)
Revert "SUNRPC: Do not allow waiting for exiting tasks" (git-fixes).
Revert "drm/amdgpu: fix incorrect vm flags to map bo" (stable-fixes).
Revert "gpio: mlxbf3: only get IRQ for device instance 0" (git-fixes).
SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).
USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes).
USB: serial: option: add Foxconn T99W709 (stable-fixes).
USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes).
USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes).
USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes).
USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes).
aoe: defer rexmit timer downdev work to workqueue (git-fixes).
arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)
arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)
arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)
arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)
arm64: Drop arm64 patches that may lead to module load failure (bsc#1250057)
arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes)
arm64: Handle KCOV __init vs inline mismatches (git-fixes)
arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)
arm64: Restrict pagetable teardown to avoid false warning (git-fixes)
arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)
arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)
arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)
arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)
arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)
arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)
arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)
arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)
arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)
arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)
arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)
arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)
arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)
arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)
arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)
arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)
arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)
arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (git-fixes).
arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)
arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)
arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)
arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)
arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)
arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)
arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)
ata: libata-scsi: Fix CDL control (git-fixes).
ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).
batman-adv: fix OOB read/write in network-coding decode (git-fixes).
block: fix kobject leak in blk_unregister_queue (git-fixes).
block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
bpf, bpftool: Fix incorrect disasm pc (git-fixes).
bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).
bpf: Fix iter/task tid filtering (git-fixes).
bpf: Fix link info netfilter flags to populate defrag flag (git-fixes).
bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).
bpf: Properly test iter/task tid filtering (git-fixes).
bpf: bpftool: Setting error code in do_loader() (git-fixes).
bpf: fix kfunc btf caching for modules (git-fixes).
bpf: use kvzmalloc to allocate BPF verifier environment (git-fixes).
bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure (git-fixes).
bpftool: Fix readlink usage in get_fd_type (git-fixes).
bpftool: Mount bpffs when pinmaps path not under the bpffs (git-fixes).
bpftool: fix potential NULL pointer dereferencing in prog_dump() (git-fixes).
btrfs: abort transaction during log replay if walk_log_tree() failed (git-fixes).
btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (git-fixes).
btrfs: add cancellation points to trim loops (git-fixes).
btrfs: always abort transaction on failure to add block group to free space tree (git-fixes).
btrfs: always update fstrim_range on failure in FITRIM ioctl (git-fixes).
btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes).
btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes).
btrfs: correctly escape subvol in btrfs_show_options() (git-fixes).
btrfs: fix adding block group to a reclaim list and the unused list during reclaim (git-fixes).
btrfs: fix bitmap leak when loading free space cache on duplicate entry (git-fixes).
btrfs: fix data overwriting bug during buffered write when block size < page size (git-fixes).
btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes).
btrfs: fix invalid extref key setup when replaying dentry (git-fixes).
btrfs: fix race between logging inode and checking if it was logged before (git-fixes).
btrfs: fix race between setting last_dir_index_offset and inode logging (git-fixes).
btrfs: fix the length of reserved qgroup to free (bsc#1240708)
btrfs: make found_logical_ret parameter mandatory for function queue_scrub_stripe() (git-fixes).
btrfs: move transaction aborts to the error site in add_block_group_free_space() (git-fixes).
btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes).
btrfs: retry block group reclaim without infinite loop (git-fixes).
btrfs: return accurate error code on open failure in open_fs_devices() (bsc#1233120)
btrfs: run delayed iputs when flushing delalloc (git-fixes).
btrfs: scrub: avoid unnecessary csum tree search preparing stripes (git-fixes).
btrfs: scrub: avoid unnecessary extent tree search preparing stripes (git-fixes).
btrfs: scrub: fix grouping of read IO (git-fixes).
btrfs: scrub: remove scrub_ctx::csum_list member (git-fixes).
btrfs: split remaining space to discard in chunks (git-fixes).
btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes).
btrfs: update target inode's ctime on unlink (git-fixes).
btrfs: use SECTOR_SHIFT to convert physical offset to LBA (git-fixes).
can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes).
can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (git-fixes).
can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (git-fixes).
can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB (git-fixes).
cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes).
cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
ceph: fix possible integer overflow in ceph_zero_objects() (git-fixes).
ceph: validate snapdirname option length when mounting (git-fixes).
cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key (bsc#1241166).
char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes).
comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes).
comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes).
comedi: fix race between polling and detaching (git-fixes).
comedi: pcl726: Prevent invalid irq number (git-fixes).
compiler-clang.h: define SANITIZE_* macros only when undefined (stable-fixes).
cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes).
cpufreq: Exit governor when failed to start old governor (stable-fixes).
cpufreq: Init policy->rwsem before it may be possibly used (git-fixes).
cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes).
cpufreq: Use the fixed and coherent frequency for scaling capacity (stable-fixes).
cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes).
cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (git-fixes).
cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-fixes).
cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes).
cpufreq: scpi: compare kHz instead of Hz (git-fixes).
cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes).
crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes).
crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
crypto: jitter - fix intermediary handling (stable-fixes).
crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes).
crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes).
dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes).
dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate (git-fixes).
dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes).
dmaengine: idxd: Fix refcount underflow on module unload (git-fixes).
dmaengine: idxd: Remove improper idxd_free (git-fixes).
dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes).
dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-fixes).
drivers/base/node: optimize memory block registration to reduce boot time (bsc#1241866).
drivers/base/node: remove register_mem_block_under_node_early() (bsc#1241866).
drivers/base/node: remove register_memory_blocks_under_node() function call from register_one_node (bsc#1241866).
drivers/base/node: rename __register_one_node() to register_one_node() (bsc#1241866).
drivers/base/node: rename register_memory_blocks_under_node() and remove context argument (bsc#1241866).
drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes).
drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes).
drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes).
drm/amd/display: Adjust DCE 8-10 clock, do not overclock by 15% (git-fixes).
drm/amd/display: Avoid a NULL pointer dereference (stable-fixes).
drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes).
drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes).
drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).
drm/amd/display: Do not overclock DCE 6 by 15% (git-fixes).
drm/amd/display: Do not warn when missing DCE encoder caps (stable-fixes).
drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes).
drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes).
drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes).
drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes).
drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes).
drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes).
drm/amd/display: use udelay rather than fsleep (git-fixes).
drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes).
drm/amd: Restore cached power limit during resume (stable-fixes).
drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes).
drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes).
drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).
drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes).
drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes).
drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes).
drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes).
drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).
drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121).
drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes).
drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to TRAINING_PATTERN_SET (bsc#1248121).
drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121).
drm/edid: Define the quirks in an enum list (bsc#1248121).
drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes).
drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-fixes).
drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes).
drm/mediatek: fix potential OF node use-after-free (git-fixes).
drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
drm/msm: use trylock for debugfs (stable-fixes).
drm/nouveau/disp: Always accept linear modifier (git-fixes).
drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes).
drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
drm/nouveau: fix typos in comments (git-fixes).
drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes).
drm/nouveau: remove unused memory target test (git-fixes).
drm/ttm: Respect the shrinker core free target (stable-fixes).
drm/ttm: Should to return the evict error (stable-fixes).
drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes).
drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes).
erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-fixes).
et131x: Add missing check after DMA map (stable-fixes).
exfat: add cluster chain loop check for dir (git-fixes).
ext4: remove writable userspace mappings before truncating page cache (bsc#1247223).
fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes).
fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes).
flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (git-fixes).
fs/mnt_idmapping.c: Return -EINVAL when no map is written (bsc#1233120)
fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes).
gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes).
hfs: fix not erasing deleted b-tree node issue (git-fixes).
hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
hfsplus: do not use BUG_ON() in hfsplus_create_attributes_file() (git-fixes).
hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (git-fixes).
hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes).
hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).
hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (git-fixes).
hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes).
hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes).
hypfs_create_cpu_files(): add missing check for hypfs_mkdir() failure (git-fixes bsc#1249122).
i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).
i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)
i3c: do not fail if GETHDRCAP is unsupported (stable-fixes).
i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes).
iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes).
iio: adc: ad_sigma_delta: do not overallocate scan buffer (stable-fixes).
iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes).
iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes).
iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes).
iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes).
integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes).
ipmi: Fix strcpy source and destination the same (stable-fixes).
ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes).
isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).
jfs: Regular file corruption check (git-fixes).
jfs: truncate good inode pages when hard link is 0 (git-fixes).
jfs: upper bound check of tree index in dbAllocAG (git-fixes).
kABI fix for "netfilter: nf_tables: Audit log rule reset" (git-fixes).
kABI workaround for "drm/dp: Add an EDID quirk for the DPCD register access probe" (bsc#1248121).
kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes).
kABI: adjust new field on ip_ct_sctp struct (git-fixes).
kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).
kABI: make nft_trans_gc_catchall() public again (git-fixes).
kABI: netfilter flowtable move gc operation to bottom (git-fixes).
kernel-binary: Another installation ordering fix (bsc#1241353).
kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)
kselftest/arm64: Fix check for setting new VLs in sve-ptrace (git-fixes).
leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes).
loop: use kiocb helpers to fix lockdep warning (git-fixes).
mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).
mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes).
md/md-cluster: handle REMOVE message earlier (bsc#1247057).
md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
md: allow removing faulty rdev during resync (git-fixes).
md: make rdev_addable usable for rcu mode (git-fixes).
media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes).
media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes).
media: tc358743: Check I2C succeeded during probe (stable-fixes).
media: tc358743: Increase FIFO trigger level to 374 (stable-fixes).
media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes).
media: usb: hdpvr: disable zero-length read messages (stable-fixes).
media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes).
media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes).
mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes).
memstick: Fix deadlock by moving removing flag earlier (git-fixes).
mm/hwpoison: do not send SIGBUS to processes with recovered clean pages (git-fixes).
mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn (git-fixes).
mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)
mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).
mm: move page table sync declarations to linux/pgtable.h (git-fixes).
mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).
mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).
mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes).
mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes).
mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes).
most: core: Drop device reference after usage in get_channel() (git-fixes).
mptcp: fallback when MPTCP opts are dropped after 1st data (git-fixes).
mptcp: reset when MPTCP opts are dropped after join (git-fixes).
mtd: nand: raw: atmel: Fix comment in timings preparation (stable-fixes).
mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes).
mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes).
mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).
net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes).
net: phy: micrel: Add ksz9131_resume() (stable-fixes).
net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes).
net: rose: convert 'use' field to refcount_t (git-fixes).
net: rose: fix a typo in rose_clear_routes() (git-fixes).
net: rose: include node references in rose_neigh refcount (git-fixes).
net: rose: split remove and free operations in rose_remove_neigh() (stable-fixes).
net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes).
net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes).
net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes).
net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes).
net: usb: cdc-ncm: check for filtering capability (git-fixes).
net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes).
netfilter: conntrack: fix extension size table (git-fixes).
netfilter: flowtable: GC pushes back packets to classic path (git-fixes).
netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp (git-fixes).
netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses (git-fixes).
netfilter: nf_conntrack_bridge: initialize err to 0 (git-fixes).
netfilter: nf_tables: A better name for nft_obj_filter (git-fixes).
netfilter: nf_tables: Audit log rule reset (git-fixes).
netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx (git-fixes).
netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx (git-fixes).
netfilter: nf_tables: Deduplicate nft_register_obj audit logs (git-fixes).
netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj (git-fixes).
netfilter: nf_tables: Drop pointless memset when dumping rules (git-fixes).
netfilter: nf_tables: Fix entries val in rule reset audit log (git-fixes).
netfilter: nf_tables: Introduce nf_tables_getrule_single() (git-fixes).
netfilter: nf_tables: Open-code audit log call in nf_tables_getrule() (git-fixes).
netfilter: nf_tables: Unbreak audit log reset (git-fixes).
netfilter: nf_tables: Unconditionally allocate nft_obj_filter (git-fixes).
netfilter: nf_tables: audit log object reset once per table (git-fixes).
netfilter: nf_tables: bogus ENOENT when destroying element which does not exist (git-fixes).
netfilter: nf_tables: disallow element removal on anonymous sets (git-fixes).
netfilter: nf_tables: do not remove elements if set backend implements .abort (git-fixes).
netfilter: nf_tables: nft_obj_filter fits into cb->ctx (git-fixes).
netfilter: nf_tables: remove catchall element in GC sync path (git-fixes).
netfilter: nf_tables: revert do not remove elements if set backend implements .abort (git-fixes).
netfilter: nf_tables: split async and sync catchall in two functions (git-fixes).
netfilter: nfnetlink_log: silence bogus compiler warning (git-fixes).
netfilter: nft_payload: fix wrong mac header matching (git-fixes).
netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes).
netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC (git-fixes).
netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (git-fixes).
netfilter: nft_set_rbtree: prefer sync gc to async worker (git-fixes).
netfilter: nft_set_rbtree: rename gc deactivate+erase function (git-fixes).
netfilter: xt_recent: fix (increase) ipv6 literal buffer length (git-fixes).
nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (git-fixes).
nouveau: fix disabling the nonstall irq due to storm code (git-fixes).
nvme-pci: try function level reset on init failure (git-fixes).
pNFS: Fix disk addr range check in block/scsi layout (git-fixes).
pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
pNFS: Handle RPC size limit for layoutcommits (git-fixes).
pcmcia: Add error handling for add_interval() in do_validate_mem() (git-fixes).
pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() (git-fixes).
pcmcia: omap: Add missing check for platform_get_resource (git-fixes).
phy: mscc: Fix parsing of unicast frames (git-fixes).
phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes).
phy: tegra: xusb: fix device and OF node leak at probe (git-fixes).
phy: ti-pipe3: fix device leak at unbind (git-fixes).
pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
pinctrl: stm32: Manage irq affinity settings (stable-fixes).
platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes).
platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes).
platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes).
platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes).
platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes).
platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes).
platform/x86: think-lmi: Fix class device unregistration (git-fixes).
platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (git-fixes).
pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes).
power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes).
power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes).
power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes).
powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199).
powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
powerpc: do not build ppc_save_regs.o always (bsc#1215199).
pptp: fix pptp_xmit() error path (git-fixes).
pwm: mediatek: Fix duty and period setting (git-fixes).
pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes).
regulator: sy7636a: fix lifecycle of power good gpio (git-fixes).
reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes).
rpm: Configure KABI checkingness macro (bsc#1249186).
rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186).
rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes).
rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes).
s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249481).
s390/hypfs: Avoid unnecessary ioctl registration in debugfs (git-fixes bsc#1248733 LTC#214881).
s390/hypfs: Enable limited access during lockdown (git-fixes bsc#1248733 LTC#214881).
s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1248735).
s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249482).
s390/pci: Allow automatic recovery with minimal driver support (git-fixes bsc#1248734 LTC#214880).
s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).
s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249124).
s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249125).
s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log (git-fixes bsc#1249488).
samples/bpf: Fix compilation errors with cf-protection option (git-fixes).
scsi: Revert "scsi: iscsi: Fix HW conn removal use after free" (git-fixes).
scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes).
scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes).
scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes).
scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes).
selftests/bpf: Add asserts for netfilter link info (git-fixes).
selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes).
selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks (git-fixes).
selftests/bpf: adapt one more case in test_lru_map to the new target_free (git-fixes).
selftests/bpf: fexit_sleep: Fix stack allocation for arm64 (git-fixes).
selftests/tracing: Fix false failure of subsystem event test (git-fixes).
selftests: Fix errno checking in syscall_user_dispatch test (git-fixes).
selftests: rtnetlink.sh: remove esp4_offload after test (git-fixes).
serial: 8250: fix panic due to PSLVERR (git-fixes).
serial: sc16is7xx: fix bug in flow control levels init (git-fixes).
slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes).
soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes).
spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes).
spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes).
spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes).
squashfs: fix memory leak in squashfs_fill_super (git-fixes).
struct cdc_ncm_ctx: hide new member filtering_supported (git-fixes).
struct l2cap_chan: shift new member rx_avail to end (git-fixes).
sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes).
supported.conf: mark hyperv_drm as external
thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes).
thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes).
ublk: sanity check add_dev input for underflow (git-fixes).
ublk: use vmalloc for ublk_device's __queues (git-fixes).
usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes).
usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes).
usb: core: usb_submit_urb: downgrade type check (stable-fixes).
usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes).
usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes).
usb: dwc3: core: Fix system suspend on TI AM62 platforms (git-fixes).
usb: dwc3: fix fault at system suspend if device was already runtime suspended (git-fixes).
usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes).
usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes).
usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes).
usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes).
usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes).
usb: xhci: Avoid showing errors during surprise removal (stable-fixes).
usb: xhci: Avoid showing warnings for dying controller (stable-fixes).
usb: xhci: Fix slot_id resource race conflict (git-fixes).
usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes).
usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes).
vfs: Add a sysctl for automated deletion of dentry (bsc#1240890).
watchdog: dw_wdt: Fix default timeout (stable-fixes).
watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes).
watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes).
wifi: ath11k: fix group data packet drops during rekey (git-fixes).
wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes).
wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes).
wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes).
wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes).
wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (git-fixes).
wifi: cfg80211: Fix interface type validation (stable-fixes).
wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).
wifi: cfg80211: reject HTC bit for management frames (stable-fixes).
wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data() (git-fixes).
wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-fixes).
wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).
wifi: iwlegacy: Check rate_idx range after addition (stable-fixes).
wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes).
wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes).
wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
wifi: iwlwifi: uefi: check DSM item validity (git-fixes).
wifi: libertas: cap SSID len in lbs_associate() (git-fixes).
wifi: mac80211: do not complete management TX on SAE commit (stable-fixes).
wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes).
wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes).
wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes).
wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-fixes).
wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes).
wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes).
wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_rx_interrupt() (stable-fixes).
wifi: rtw89: Disable deep power saving for USB/SDIO (stable-fixes).
wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes).
wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes).
wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (git-fixes).
x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails (git-fixes).
x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).
x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).
x86/cpu: Add model number for Intel Clearwater Forest processor (git-fixes).
x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).
x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).
x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (git-fixes).
x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).
xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes).
xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes).
xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

Confidential Computing Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Confidential-Computing-15-SP6-2025-3602=1

Package List:

Confidential Computing Module 15-SP6 (nosrc x86_64)
- kernel-coco-6.4.0-15061.32.coco15sp6.1
- kernel-coco_debug-6.4.0-15061.32.coco15sp6.1
Confidential Computing Module 15-SP6 (x86_64)
- kernel-coco_debug-devel-debuginfo-6.4.0-15061.32.coco15sp6.1
- kernel-coco_debug-devel-6.4.0-15061.32.coco15sp6.1
- kernel-syms-coco-6.4.0-15061.32.coco15sp6.1
- kernel-coco-debugsource-6.4.0-15061.32.coco15sp6.1
- reiserfs-kmp-coco-6.4.0-15061.32.coco15sp6.1
- kernel-coco_debug-debugsource-6.4.0-15061.32.coco15sp6.1
- kernel-coco-vdso-debuginfo-6.4.0-15061.32.coco15sp6.1
- kernel-coco-debuginfo-6.4.0-15061.32.coco15sp6.1
- kernel-coco_debug-debuginfo-6.4.0-15061.32.coco15sp6.1
- kernel-coco-devel-6.4.0-15061.32.coco15sp6.1
- reiserfs-kmp-coco-debuginfo-6.4.0-15061.32.coco15sp6.1
Confidential Computing Module 15-SP6 (noarch)
- kernel-devel-coco-6.4.0-15061.32.coco15sp6.1
- kernel-source-coco-6.4.0-15061.32.coco15sp6.1

Security update for the Linux Kernel

Description:

Special Instructions and Notes:

Patch Instructions:

Package List:

References: