Security update for the Linux Kernel
Announcement ID: | SUSE-SU-2025:20354-1 |
---|---|
Release Date: | 2025-05-23T07:19:59Z |
Rating: | important |
References: |
|
Cross-References: |
|
CVSS scores: |
|
Affected Products: |
|
An update that solves 96 vulnerabilities and has 55 fixes can now be installed.
Description:
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).
- CVE-2024-50162: bpf: selftests: send packet to devmap redirect XDP (bsc#1233075).
- CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098).
- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).
- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).
- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).
- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).
- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).
- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).
- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).
- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).
- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).
- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).
- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).
- CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471).
- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).
- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).
- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).
- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).
- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).
- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).
- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).
- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).
- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).
- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).
- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).
- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).
- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).
- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).
- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).
- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).
- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).
- CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378).
- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).
- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).
- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).
- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).
- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).
- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).
- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).
- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).
- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).
- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).
- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).
- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578).
- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).
- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).
- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
- CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).
- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).
- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).
The following non-security bugs were fixed:
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).
- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).
- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).
- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes).
- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).
- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes).
- ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes).
- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044).
- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).
- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).
- ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes).
- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes).
- ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable-fixes).
- ASoC: Use of_property_read_bool() (stable-fixes).
- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).
- ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).
- ASoC: fsl_audmix: register card device depends on 'dais' property (stable-fixes).
- ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes).
- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).
- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).
- Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes).
- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes).
- Bluetooth: hci_uart: Fix another race during initialization (git-fixes).
- Bluetooth: hci_uart: fix race during initialization (stable-fixes).
- Bluetooth: l2cap: Check encryption key size on incoming connection (git-fixes).
- Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes).
- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).
- Drop PCI patch that caused a regression (bsc#1241123)
- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).
- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).
- Input: xpad - fix two controller table values (git-fixes).
- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)
- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git-fixes).
- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes).
- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)
- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)
- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)
- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)
- Revert "drivers: core: synchronize really_probe() and dev_uevent()" (stable-fixes).
- Revert "drm/meson: vclk: fix calculation of 59.94 fractional rates" (git-fixes).
- Revert "tcp: Fix bind() regression for v6-only wildcard and"
- Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes).
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).
- USB: VLI disk crashes if LPM is used (stable-fixes).
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).
- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).
- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).
- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).
- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).
- USB: wdm: add annotation (git-fixes).
- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes).
- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).
- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes).
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes).
- asus-laptop: Fix an uninitialized variable (git-fixes).
- ata: libata-sata: Save all fields from sense data descriptor (git-fixes).
- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).
- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).
- ata: libata-scsi: Improve CDL control (git-fixes).
- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes).
- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes).
- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).
- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).
- badblocks: Fix error shitf ops (git-fixes).
- badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes).
- badblocks: fix missing bad blocks on retry in _badblocks_check() (git-fixes).
- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).
- badblocks: return error directly when setting badblocks exceeds 512 (git-fixes).
- badblocks: return error if any badblock set fails (git-fixes).
- blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes).
- block: change blk_mq_add_to_batch() third argument type to bool (git-fixes).
- block: fix 'kmem_cache of name 'bio-108' already exists' (git-fixes).
- block: fix conversion of GPT partition name to 7-bit (git-fixes).
- block: fix resource leak in blk_register_queue() error path (git-fixes).
- block: integrity: Do not call set_page_dirty_lock() (git-fixes).
- block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes).
- bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes).
- bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes).
- bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes).
- bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes).
- bpf: add find_containing_subprog() utility function (bsc#1241590).
- bpf: check changes_pkt_data property for extension programs (bsc#1241590).
- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).
- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).
- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).
- bpf: track changes_pkt_data property for global functions (bsc#1241590).
- btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204).
- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).
- btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151).
- btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204).
- btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204).
- btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204).
- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).
- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).
- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).
- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).
- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes).
- char: misc: register chrdev region with all possible minors (git-fixes).
- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).
- crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes).
- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).
- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).
- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git-fixes).
- dm-bufio: do not schedule in atomic context (git-fixes).
- dm-ebs: fix prefetch-vs-suspend race (git-fixes).
- dm-integrity: set ti->error on memory allocation failure (git-fixes).
- dm-verity: fix prefetch-vs-suspend race (git-fixes).
- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).
- dm: always update the array size in realloc_argv on success (git-fixes).
- dm: fix copying after src array boundaries (git-fixes).
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).
- drivers: base: devres: Allow to release group on device release (stable-fixes).
- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).
- drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes).
- drm/amd/display: Fix gpu reset in multidisplay config (git-fixes).
- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).
- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).
- drm/amd/display: Force full update in gpu reset (stable-fixes).
- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).
- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).
- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).
- drm/amd: Handle being compiled without SI or CIK support better (stable-fixes).
- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes).
- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes).
- drm/amdkfd: clamp queue size to minimum (stable-fixes).
- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).
- drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes).
- drm/fdinfo: Protect against driver unbind (git-fixes).
- drm/i915/dg2: wait for HuC load completion before running selftests (stable-fixes).
- drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes).
- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes).
- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes).
- drm/i915: Disable RPG during live selftest (git-fixes).
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable-fixes).
- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable-fixes).
- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).
- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).
- drm/tests: Add helper to create mock crtc (stable-fixes).
- drm/tests: Add helper to create mock plane (stable-fixes).
- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git-fixes).
- drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: helpers: Add atomic helpers (stable-fixes).
- drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable-fixes).
- drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes).
- drm/tests: helpers: Fix compiler warning (git-fixes).
- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes).
- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).
- drm: allow encoder mode_set even when connectors change for crtc (stable-fixes).
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes).
- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes).
- drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes).
- e1000e: change k1 configuration on MTP and later platforms (git-fixes).
- eth: bnxt: fix missing ring index trim on error path (git-fixes).
- ethtool: Fix context creation with no parameters (git-fixes).
- ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes).
- ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git-fixes).
- ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes).
- ethtool: fix setting key and resetting indir at once (git-fixes).
- ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes).
- ethtool: netlink: do not return SQI value if link is down (git-fixes).
- ethtool: plca: fix plca enable data type while parsing the value (git-fixes).
- ethtool: rss: echo the context number back (git-fixes).
- exfat: do not fallback to buffered write (git-fixes).
- exfat: drop ->i_size_ondisk (git-fixes).
- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).
- exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes).
- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).
- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).
- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).
- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).
- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).
- ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556).
- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).
- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).
- ext4: protect ext4_release_dquot against freezing (bsc#1242335).
- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536).
- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).
- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538).
- fbdev: omapfb: Add 'plane' value check (stable-fixes).
- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).
- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).
- fs/jfs: Prevent integer overflow in AG size calculation (git-fixes).
- fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes).
- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250).
- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528).
- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).
- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).
- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).
- gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes).
- gve: handle overflow when reporting TX consumed descriptors (git-fixes).
- gve: set xdp redirect target only when it is available (git-fixes).
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes).
- i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes).
- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).
- ice: Add check for devm_kzalloc() (git-fixes).
- ice: fix reservation of resources for RDMA when disabled (git-fixes).
- ice: stop truncating queue ids when checking (git-fixes).
- idpf: check error for register_netdev() on init (git-fixes).
- idpf: fix adapter NULL pointer dereference on reboot (git-fixes).
- igb: reject invalid external timestamp requests for 82580-based HW (git-fixes).
- igc: add lock preventing multiple simultaneous PTM transactions (git-fixes).
- igc: cleanup PTP module if probe fails (git-fixes).
- igc: fix PTM cycle trigger logic (git-fixes).
- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).
- igc: increase wait time before retrying PTM (git-fixes).
- igc: move ktime snapshot into PTM retry loop (git-fixes).
- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).
- iio: adc: ad7606: fix serial register access (git-fixes).
- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).
- iio: adis16201: Correct inclinometer channel resolution (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).
- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).
- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).
- ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (git-fixes).
- irqchip/davinci: Remove leftover header (git-fixes).
- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes).
- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).
- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).
- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).
- jbd2: fix off-by-one while erasing journal (bsc#1242344).
- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).
- jbd2: increase IO priority for writing revoke records (bsc#1242332).
- jbd2: increase the journal IO's priority (bsc#1242537).
- jbd2: remove wrong sb->s_sequence check (bsc#1242343).
- jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes).
- jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes).
- jfs: add sanity check for agwidth in dbMount (git-fixes).
- kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- kABI workaround for powercap update (bsc#1241010).
- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes).
- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).
- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).
- loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes).
- loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes).
- md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212)
- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).
- mei: me: add panther lake H DID (stable-fixes).
- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes).
- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes).
- mm/readahead: fix large folio support in async readahead (bsc#1242321).
- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).
- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).
- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).
- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable-fixes).
- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes).
- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).
- mptcp: refine opt_mp_capable determination (git-fixes).
- mptcp: relax check on MPC passive fallback (git-fixes).
- mptcp: strict validation before using mp_opt->hmac (git-fixes).
- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).
- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).
- net/mlx5: IRQ, Fix null string in debug print (git-fixes).
- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git-fixes).
- net/mlx5: Start health poll after enable hca (git-fixes).
- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes).
- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes).
- net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes).
- net/tcp: refactor tcp_inet6_sk() (git-fixes).
- net: annotate data-races around sk->sk_dst_pending_confirm (git-fixes).
- net: annotate data-races around sk->sk_tx_queue_mapping (git-fixes).
- net: blackhole_dev: fix build warning for ethh set but not used (git-fixes).
- net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes).
- net: ethtool: Fix RSS setting (git-fixes).
- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).
- net: mana: Switch to page pool for jumbo frames (git-fixes).
- net: mark racy access on sk->sk_rcvbuf (git-fixes).
- net: phy: leds: fix memory leak (git-fixes).
- net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes).
- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).
- net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes).
- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).
- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).
- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).
- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes).
- nfs: add missing selections of CONFIG_CRC32 (git-fixes).
- nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes).
- ntb: reduce stack usage in idt_scan_mws (stable-fixes).
- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).
- nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes).
- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).
- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes).
- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).
- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).
- nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git-fixes).
- nvmet-fcloop: swap list_add_tail arguments (git-fixes).
- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)
- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)
- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)
- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)
- phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git-fixes).
- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).
- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).
- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).
- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes).
- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).
- powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010).
- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).
- powerpc/boot: Check for ld-option support (bsc#1215199).
- powerpc/boot: Fix dash warning (bsc#1215199).
- powerpc: Do not use --- in kernel logs (git-fixes).
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes).
- pwm: rcar: Improve register calculation (git-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).
- rpm/package-descriptions: Add rt and rt_debug descriptions
- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).
- scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes).
- scsi: hisi_sas: Enable force phy when SATA disk directly connected (git-fixes).
- scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes).
- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag (git-fixes).
- scsi: mpi3mr: Fix locking in an error path (git-fixes).
- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).
- scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes).
- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).
- sctp: Fix undefined behavior in left shift operation (git-fixes).
- sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes).
- sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes).
- sctp: fix association labeling in the duplicate COOKIE-ECHO case (git-fixes).
- sctp: fix busy polling (git-fixes).
- sctp: prefer struct_size over open coded arithmetic (git-fixes).
- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).
- selftests/bpf: Add a few tests to cover (git-fixes).
- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).
- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).
- selftests/bpf: test for changing packet data from global functions (bsc#1241590).
- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).
- selftests/futex: futex_waitv wouldblock test should fail (git-fixes).
- selftests/mm: generate a temporary mountpoint for cgroup filesystem (git-fixes).
- serial: msm: Configure correct working mode before starting earlycon (git-fixes).
- serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes).
- smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265).
- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).
- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).
- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).
- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).
- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).
- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).
- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).
- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).
- string: Add load_unaligned_zeropad() code path to sized_strscpy() (git-fixes).
- tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes).
- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).
- tools/hv: update route parsing in kvp daemon (git-fixes).
- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175).
- tools/power turbostat: report CoreThr per measurement interval (git-fixes).
- tty: n_tty: use uint for space returned by tty_write_room() (git-fixes).
- ublk: set_params: properly check if parameters can be applied (git-fixes).
- udf: Fix inode_getblk() return value (bsc#1242313).
- udf: Skip parent dir link count update if corrupted (bsc#1242315).
- udf: Verify inode link counts before performing rename (bsc#1242314).
- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).
- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).
- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git-fixes).
- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git-fixes).
- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).
- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).
- usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes).
- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).
- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).
- usb: gadget: f_ecm: Add get_status callback (git-fixes).
- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).
- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).
- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).
- usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes).
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).
- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).
- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).
- usb: uhci-platform: Make the clock really optional (git-fixes).
- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).
- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).
- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).
- vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes).
- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).
- virtchnl: make proto and filter action count unsigned (git-fixes).
- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).
- vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394).
- wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes).
- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes).
- wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable-fixes).
- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).
- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes).
- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (git-fixes).
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable-fixes).
- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).
- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
- x86/bugs: Add RSB mitigation document (git-fixes).
- x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).
- x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes).
- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).
- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).
- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).
- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).
- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).
- x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes).
- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).
- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).
- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).
- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).
- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).
- x86/microcode/intel: Set new revision only after a successful update (git-fixes).
- x86/microcode: Remove the driver announcement and version (git-fixes).
- x86/microcode: Rework early revisions reporting (git-fixes).
- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).
- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).
- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).
- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes).
- xfs: flush inodegc before swapon (git-fixes).
- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).
- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167).
Special Instructions and Notes:
- Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE Linux Micro 6.1
zypper in -t patch SUSE-SLE-Micro-6.1-kernel-22=1
Package List:
-
SUSE Linux Micro 6.1 (noarch)
- kernel-macros-6.4.0-29.1
- kernel-source-6.4.0-29.1
- kernel-devel-6.4.0-29.1
-
SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64 nosrc)
- kernel-default-6.4.0-29.1
-
SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
- kernel-default-devel-6.4.0-29.1
- kernel-default-debugsource-6.4.0-29.1
- kernel-default-debuginfo-6.4.0-29.1
-
SUSE Linux Micro 6.1 (aarch64 ppc64le x86_64)
- kernel-default-base-6.4.0-29.1.21.7
-
SUSE Linux Micro 6.1 (ppc64le x86_64)
- kernel-default-devel-debuginfo-6.4.0-29.1
-
SUSE Linux Micro 6.1 (s390x x86_64)
- kernel-livepatch-MICRO-6-0_Update_7-debugsource-1-1.2
- kernel-livepatch-6_4_0-29-default-debuginfo-1-1.2
- kernel-default-livepatch-6.4.0-29.1
- kernel-livepatch-6_4_0-29-default-1-1.2
-
SUSE Linux Micro 6.1 (nosrc x86_64)
- kernel-kvmsmall-6.4.0-29.1
-
SUSE Linux Micro 6.1 (x86_64)
- kernel-kvmsmall-debuginfo-6.4.0-29.1
- kernel-kvmsmall-debugsource-6.4.0-29.1
References:
- https://www.suse.com/security/cve/CVE-2023-53034.html
- https://www.suse.com/security/cve/CVE-2024-27018.html
- https://www.suse.com/security/cve/CVE-2024-27415.html
- https://www.suse.com/security/cve/CVE-2024-28956.html
- https://www.suse.com/security/cve/CVE-2024-35840.html
- https://www.suse.com/security/cve/CVE-2024-46763.html
- https://www.suse.com/security/cve/CVE-2024-46865.html
- https://www.suse.com/security/cve/CVE-2024-50083.html
- https://www.suse.com/security/cve/CVE-2024-50162.html
- https://www.suse.com/security/cve/CVE-2024-50163.html
- https://www.suse.com/security/cve/CVE-2024-56641.html
- https://www.suse.com/security/cve/CVE-2024-56702.html
- https://www.suse.com/security/cve/CVE-2024-57924.html
- https://www.suse.com/security/cve/CVE-2024-57998.html
- https://www.suse.com/security/cve/CVE-2024-58001.html
- https://www.suse.com/security/cve/CVE-2024-58068.html
- https://www.suse.com/security/cve/CVE-2024-58070.html
- https://www.suse.com/security/cve/CVE-2024-58088.html
- https://www.suse.com/security/cve/CVE-2024-58093.html
- https://www.suse.com/security/cve/CVE-2024-58094.html
- https://www.suse.com/security/cve/CVE-2024-58095.html
- https://www.suse.com/security/cve/CVE-2024-58096.html
- https://www.suse.com/security/cve/CVE-2024-58097.html
- https://www.suse.com/security/cve/CVE-2025-21683.html
- https://www.suse.com/security/cve/CVE-2025-21696.html
- https://www.suse.com/security/cve/CVE-2025-21707.html
- https://www.suse.com/security/cve/CVE-2025-21758.html
- https://www.suse.com/security/cve/CVE-2025-21768.html
- https://www.suse.com/security/cve/CVE-2025-21792.html
- https://www.suse.com/security/cve/CVE-2025-21808.html
- https://www.suse.com/security/cve/CVE-2025-21812.html
- https://www.suse.com/security/cve/CVE-2025-21833.html
- https://www.suse.com/security/cve/CVE-2025-21852.html
- https://www.suse.com/security/cve/CVE-2025-21853.html
- https://www.suse.com/security/cve/CVE-2025-21854.html
- https://www.suse.com/security/cve/CVE-2025-21867.html
- https://www.suse.com/security/cve/CVE-2025-21904.html
- https://www.suse.com/security/cve/CVE-2025-21925.html
- https://www.suse.com/security/cve/CVE-2025-21926.html
- https://www.suse.com/security/cve/CVE-2025-21931.html
- https://www.suse.com/security/cve/CVE-2025-21962.html
- https://www.suse.com/security/cve/CVE-2025-21963.html
- https://www.suse.com/security/cve/CVE-2025-21964.html
- https://www.suse.com/security/cve/CVE-2025-21980.html
- https://www.suse.com/security/cve/CVE-2025-21985.html
- https://www.suse.com/security/cve/CVE-2025-21999.html
- https://www.suse.com/security/cve/CVE-2025-22004.html
- https://www.suse.com/security/cve/CVE-2025-22015.html
- https://www.suse.com/security/cve/CVE-2025-22016.html
- https://www.suse.com/security/cve/CVE-2025-22017.html
- https://www.suse.com/security/cve/CVE-2025-22018.html
- https://www.suse.com/security/cve/CVE-2025-22020.html
- https://www.suse.com/security/cve/CVE-2025-22025.html
- https://www.suse.com/security/cve/CVE-2025-22027.html
- https://www.suse.com/security/cve/CVE-2025-22029.html
- https://www.suse.com/security/cve/CVE-2025-22033.html
- https://www.suse.com/security/cve/CVE-2025-22036.html
- https://www.suse.com/security/cve/CVE-2025-22044.html
- https://www.suse.com/security/cve/CVE-2025-22045.html
- https://www.suse.com/security/cve/CVE-2025-22050.html
- https://www.suse.com/security/cve/CVE-2025-22053.html
- https://www.suse.com/security/cve/CVE-2025-22055.html
- https://www.suse.com/security/cve/CVE-2025-22058.html
- https://www.suse.com/security/cve/CVE-2025-22060.html
- https://www.suse.com/security/cve/CVE-2025-22062.html
- https://www.suse.com/security/cve/CVE-2025-22064.html
- https://www.suse.com/security/cve/CVE-2025-22065.html
- https://www.suse.com/security/cve/CVE-2025-22075.html
- https://www.suse.com/security/cve/CVE-2025-22080.html
- https://www.suse.com/security/cve/CVE-2025-22086.html
- https://www.suse.com/security/cve/CVE-2025-22088.html
- https://www.suse.com/security/cve/CVE-2025-22090.html
- https://www.suse.com/security/cve/CVE-2025-22093.html
- https://www.suse.com/security/cve/CVE-2025-22097.html
- https://www.suse.com/security/cve/CVE-2025-22102.html
- https://www.suse.com/security/cve/CVE-2025-22104.html
- https://www.suse.com/security/cve/CVE-2025-22105.html
- https://www.suse.com/security/cve/CVE-2025-22106.html
- https://www.suse.com/security/cve/CVE-2025-22107.html
- https://www.suse.com/security/cve/CVE-2025-22108.html
- https://www.suse.com/security/cve/CVE-2025-22109.html
- https://www.suse.com/security/cve/CVE-2025-22115.html
- https://www.suse.com/security/cve/CVE-2025-22116.html
- https://www.suse.com/security/cve/CVE-2025-22121.html
- https://www.suse.com/security/cve/CVE-2025-22128.html
- https://www.suse.com/security/cve/CVE-2025-23129.html
- https://www.suse.com/security/cve/CVE-2025-23131.html
- https://www.suse.com/security/cve/CVE-2025-23133.html
- https://www.suse.com/security/cve/CVE-2025-23136.html
- https://www.suse.com/security/cve/CVE-2025-23138.html
- https://www.suse.com/security/cve/CVE-2025-23145.html
- https://www.suse.com/security/cve/CVE-2025-37785.html
- https://www.suse.com/security/cve/CVE-2025-37798.html
- https://www.suse.com/security/cve/CVE-2025-37799.html
- https://www.suse.com/security/cve/CVE-2025-37860.html
- https://www.suse.com/security/cve/CVE-2025-39728.html
- https://bugzilla.suse.com/show_bug.cgi?id=1215199
- https://bugzilla.suse.com/show_bug.cgi?id=1223809
- https://bugzilla.suse.com/show_bug.cgi?id=1224013
- https://bugzilla.suse.com/show_bug.cgi?id=1224597
- https://bugzilla.suse.com/show_bug.cgi?id=1224757
- https://bugzilla.suse.com/show_bug.cgi?id=1228659
- https://bugzilla.suse.com/show_bug.cgi?id=1230764
- https://bugzilla.suse.com/show_bug.cgi?id=1231103
- https://bugzilla.suse.com/show_bug.cgi?id=1232493
- https://bugzilla.suse.com/show_bug.cgi?id=1233075
- https://bugzilla.suse.com/show_bug.cgi?id=1233098
- https://bugzilla.suse.com/show_bug.cgi?id=1235501
- https://bugzilla.suse.com/show_bug.cgi?id=1235526
- https://bugzilla.suse.com/show_bug.cgi?id=1236086
- https://bugzilla.suse.com/show_bug.cgi?id=1236704
- https://bugzilla.suse.com/show_bug.cgi?id=1237111
- https://bugzilla.suse.com/show_bug.cgi?id=1238212
- https://bugzilla.suse.com/show_bug.cgi?id=1238471
- https://bugzilla.suse.com/show_bug.cgi?id=1238527
- https://bugzilla.suse.com/show_bug.cgi?id=1238714
- https://bugzilla.suse.com/show_bug.cgi?id=1238737
- https://bugzilla.suse.com/show_bug.cgi?id=1238742
- https://bugzilla.suse.com/show_bug.cgi?id=1238745
- https://bugzilla.suse.com/show_bug.cgi?id=1238862
- https://bugzilla.suse.com/show_bug.cgi?id=1238961
- https://bugzilla.suse.com/show_bug.cgi?id=1238983
- https://bugzilla.suse.com/show_bug.cgi?id=1239079
- https://bugzilla.suse.com/show_bug.cgi?id=1239108
- https://bugzilla.suse.com/show_bug.cgi?id=1239470
- https://bugzilla.suse.com/show_bug.cgi?id=1239476
- https://bugzilla.suse.com/show_bug.cgi?id=1239487
- https://bugzilla.suse.com/show_bug.cgi?id=1239510
- https://bugzilla.suse.com/show_bug.cgi?id=1239997
- https://bugzilla.suse.com/show_bug.cgi?id=1240181
- https://bugzilla.suse.com/show_bug.cgi?id=1240557
- https://bugzilla.suse.com/show_bug.cgi?id=1240576
- https://bugzilla.suse.com/show_bug.cgi?id=1240655
- https://bugzilla.suse.com/show_bug.cgi?id=1240709
- https://bugzilla.suse.com/show_bug.cgi?id=1240712
- https://bugzilla.suse.com/show_bug.cgi?id=1240713
- https://bugzilla.suse.com/show_bug.cgi?id=1240717
- https://bugzilla.suse.com/show_bug.cgi?id=1240740
- https://bugzilla.suse.com/show_bug.cgi?id=1240785
- https://bugzilla.suse.com/show_bug.cgi?id=1240802
- https://bugzilla.suse.com/show_bug.cgi?id=1240809
- https://bugzilla.suse.com/show_bug.cgi?id=1240811
- https://bugzilla.suse.com/show_bug.cgi?id=1240835
- https://bugzilla.suse.com/show_bug.cgi?id=1240934
- https://bugzilla.suse.com/show_bug.cgi?id=1240936
- https://bugzilla.suse.com/show_bug.cgi?id=1240944
- https://bugzilla.suse.com/show_bug.cgi?id=1241010
- https://bugzilla.suse.com/show_bug.cgi?id=1241038
- https://bugzilla.suse.com/show_bug.cgi?id=1241051
- https://bugzilla.suse.com/show_bug.cgi?id=1241123
- https://bugzilla.suse.com/show_bug.cgi?id=1241151
- https://bugzilla.suse.com/show_bug.cgi?id=1241167
- https://bugzilla.suse.com/show_bug.cgi?id=1241175
- https://bugzilla.suse.com/show_bug.cgi?id=1241204
- https://bugzilla.suse.com/show_bug.cgi?id=1241250
- https://bugzilla.suse.com/show_bug.cgi?id=1241265
- https://bugzilla.suse.com/show_bug.cgi?id=1241266
- https://bugzilla.suse.com/show_bug.cgi?id=1241280
- https://bugzilla.suse.com/show_bug.cgi?id=1241332
- https://bugzilla.suse.com/show_bug.cgi?id=1241333
- https://bugzilla.suse.com/show_bug.cgi?id=1241341
- https://bugzilla.suse.com/show_bug.cgi?id=1241343
- https://bugzilla.suse.com/show_bug.cgi?id=1241344
- https://bugzilla.suse.com/show_bug.cgi?id=1241347
- https://bugzilla.suse.com/show_bug.cgi?id=1241357
- https://bugzilla.suse.com/show_bug.cgi?id=1241361
- https://bugzilla.suse.com/show_bug.cgi?id=1241369
- https://bugzilla.suse.com/show_bug.cgi?id=1241371
- https://bugzilla.suse.com/show_bug.cgi?id=1241373
- https://bugzilla.suse.com/show_bug.cgi?id=1241378
- https://bugzilla.suse.com/show_bug.cgi?id=1241394
- https://bugzilla.suse.com/show_bug.cgi?id=1241402
- https://bugzilla.suse.com/show_bug.cgi?id=1241412
- https://bugzilla.suse.com/show_bug.cgi?id=1241413
- https://bugzilla.suse.com/show_bug.cgi?id=1241416
- https://bugzilla.suse.com/show_bug.cgi?id=1241424
- https://bugzilla.suse.com/show_bug.cgi?id=1241426
- https://bugzilla.suse.com/show_bug.cgi?id=1241433
- https://bugzilla.suse.com/show_bug.cgi?id=1241436
- https://bugzilla.suse.com/show_bug.cgi?id=1241441
- https://bugzilla.suse.com/show_bug.cgi?id=1241442
- https://bugzilla.suse.com/show_bug.cgi?id=1241443
- https://bugzilla.suse.com/show_bug.cgi?id=1241451
- https://bugzilla.suse.com/show_bug.cgi?id=1241452
- https://bugzilla.suse.com/show_bug.cgi?id=1241456
- https://bugzilla.suse.com/show_bug.cgi?id=1241458
- https://bugzilla.suse.com/show_bug.cgi?id=1241459
- https://bugzilla.suse.com/show_bug.cgi?id=1241526
- https://bugzilla.suse.com/show_bug.cgi?id=1241528
- https://bugzilla.suse.com/show_bug.cgi?id=1241537
- https://bugzilla.suse.com/show_bug.cgi?id=1241541
- https://bugzilla.suse.com/show_bug.cgi?id=1241545
- https://bugzilla.suse.com/show_bug.cgi?id=1241547
- https://bugzilla.suse.com/show_bug.cgi?id=1241548
- https://bugzilla.suse.com/show_bug.cgi?id=1241550
- https://bugzilla.suse.com/show_bug.cgi?id=1241573
- https://bugzilla.suse.com/show_bug.cgi?id=1241574
- https://bugzilla.suse.com/show_bug.cgi?id=1241575
- https://bugzilla.suse.com/show_bug.cgi?id=1241578
- https://bugzilla.suse.com/show_bug.cgi?id=1241590
- https://bugzilla.suse.com/show_bug.cgi?id=1241593
- https://bugzilla.suse.com/show_bug.cgi?id=1241598
- https://bugzilla.suse.com/show_bug.cgi?id=1241599
- https://bugzilla.suse.com/show_bug.cgi?id=1241601
- https://bugzilla.suse.com/show_bug.cgi?id=1241626
- https://bugzilla.suse.com/show_bug.cgi?id=1241640
- https://bugzilla.suse.com/show_bug.cgi?id=1241648
- https://bugzilla.suse.com/show_bug.cgi?id=1242006
- https://bugzilla.suse.com/show_bug.cgi?id=1242044
- https://bugzilla.suse.com/show_bug.cgi?id=1242172
- https://bugzilla.suse.com/show_bug.cgi?id=1242283
- https://bugzilla.suse.com/show_bug.cgi?id=1242307
- https://bugzilla.suse.com/show_bug.cgi?id=1242313
- https://bugzilla.suse.com/show_bug.cgi?id=1242314
- https://bugzilla.suse.com/show_bug.cgi?id=1242315
- https://bugzilla.suse.com/show_bug.cgi?id=1242321
- https://bugzilla.suse.com/show_bug.cgi?id=1242326
- https://bugzilla.suse.com/show_bug.cgi?id=1242327
- https://bugzilla.suse.com/show_bug.cgi?id=1242328
- https://bugzilla.suse.com/show_bug.cgi?id=1242332
- https://bugzilla.suse.com/show_bug.cgi?id=1242333
- https://bugzilla.suse.com/show_bug.cgi?id=1242335
- https://bugzilla.suse.com/show_bug.cgi?id=1242336
- https://bugzilla.suse.com/show_bug.cgi?id=1242342
- https://bugzilla.suse.com/show_bug.cgi?id=1242343
- https://bugzilla.suse.com/show_bug.cgi?id=1242344
- https://bugzilla.suse.com/show_bug.cgi?id=1242345
- https://bugzilla.suse.com/show_bug.cgi?id=1242346
- https://bugzilla.suse.com/show_bug.cgi?id=1242347
- https://bugzilla.suse.com/show_bug.cgi?id=1242348
- https://bugzilla.suse.com/show_bug.cgi?id=1242414
- https://bugzilla.suse.com/show_bug.cgi?id=1242526
- https://bugzilla.suse.com/show_bug.cgi?id=1242528
- https://bugzilla.suse.com/show_bug.cgi?id=1242534
- https://bugzilla.suse.com/show_bug.cgi?id=1242535
- https://bugzilla.suse.com/show_bug.cgi?id=1242536
- https://bugzilla.suse.com/show_bug.cgi?id=1242537
- https://bugzilla.suse.com/show_bug.cgi?id=1242538
- https://bugzilla.suse.com/show_bug.cgi?id=1242539
- https://bugzilla.suse.com/show_bug.cgi?id=1242540
- https://bugzilla.suse.com/show_bug.cgi?id=1242546
- https://bugzilla.suse.com/show_bug.cgi?id=1242556
- https://bugzilla.suse.com/show_bug.cgi?id=1242596
- https://bugzilla.suse.com/show_bug.cgi?id=1242710
- https://bugzilla.suse.com/show_bug.cgi?id=1242778
- https://bugzilla.suse.com/show_bug.cgi?id=1242831
- https://bugzilla.suse.com/show_bug.cgi?id=1242985