{"affected":[{"ecosystem_specific":{"binaries":[{"kernel-devel-rt":"6.4.0-31.1","kernel-livepatch-6_4_0-31-rt":"1-1.2","kernel-rt":"6.4.0-31.1","kernel-rt-livepatch":"6.4.0-31.1","kernel-source-rt":"6.4.0-31.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.0","name":"kernel-livepatch-MICRO-6-0-RT_Update_8","purl":"pkg:rpm/suse/kernel-livepatch-MICRO-6-0-RT_Update_8&distro=SUSE%20Linux%20Micro%206.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1-1.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-devel-rt":"6.4.0-31.1","kernel-livepatch-6_4_0-31-rt":"1-1.2","kernel-rt":"6.4.0-31.1","kernel-rt-livepatch":"6.4.0-31.1","kernel-source-rt":"6.4.0-31.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.0","name":"kernel-rt","purl":"pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Micro%206.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.4.0-31.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-devel-rt":"6.4.0-31.1","kernel-livepatch-6_4_0-31-rt":"1-1.2","kernel-rt":"6.4.0-31.1","kernel-rt-livepatch":"6.4.0-31.1","kernel-source-rt":"6.4.0-31.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.0","name":"kernel-source-rt","purl":"pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Micro%206.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"6.4.0-31.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\n\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).\n- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).\n- CVE-2024-50162: bpf: selftests: send packet to devmap redirect XDP (bsc#1233075).\n- CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098).\n- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).\n- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).\n- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).\n- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).\n- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).\n- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).\n- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).\n- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).\n- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).\n- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).\n- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).\n- CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471).\n- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).\n- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).\n- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).\n- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).\n- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).\n- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).\n- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).\n- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).\n- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).\n- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).\n- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).\n- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).\n- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).\n- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).\n- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).\n- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).\n- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).\n- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).\n- CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378).\n- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).\n- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).\n- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).\n- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).\n- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).\n- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).\n- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).\n- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).\n- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).\n- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).\n- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).\n- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).\n- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).\n- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).\n- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578).\n- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).\n- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).\n- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).\n- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).\n- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).\n- CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).\n- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).\n- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).\n\nThe following non-security bugs were fixed:\n\n- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).\n- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).\n- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).\n- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes).\n- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).\n- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes).\n- ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes).\n- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044).\n- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).\n- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).\n- ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes).\n- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes).\n- ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable-fixes).\n- ASoC: Use of_property_read_bool() (stable-fixes).\n- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).\n- ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes).\n- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes).\n- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).\n- ASoC: fsl_audmix: register card device depends on 'dais' property (stable-fixes).\n- ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes).\n- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).\n- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).\n- Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes).\n- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).\n- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes).\n- Bluetooth: hci_uart: Fix another race during initialization (git-fixes).\n- Bluetooth: hci_uart: fix race during initialization (stable-fixes).\n- Bluetooth: l2cap: Check encryption key size on incoming connection (git-fixes).\n- Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes).\n- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).\n- Correct the upsteram version numbers in the previous patches\n- Drop PCI patch that caused a regression (bsc#1241123)\n- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).\n- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).\n- Input: xpad - fix two controller table values (git-fixes).\n- Move upstreamed smb patch into sorted section Also move other out-of-tree patches into the proper section\n- Move upstreamed sound patch into sorted section\n- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)\n- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git-fixes).\n- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes).\n- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)\n- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)\n- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)\n- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).\n- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)\n- Revert \"drivers: core: synchronize really_probe() and dev_uevent()\" (stable-fixes).\n- Revert \"drm/meson: vclk: fix calculation of 59.94 fractional rates\" (git-fixes).\n- Revert \"wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()\" (git-fixes).\n- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).\n- USB: VLI disk crashes if LPM is used (stable-fixes).\n- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).\n- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).\n- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).\n- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).\n- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).\n- USB: wdm: add annotation (git-fixes).\n- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes).\n- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).\n- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes).\n- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes).\n- asus-laptop: Fix an uninitialized variable (git-fixes).\n- ata: libata-sata: Save all fields from sense data descriptor (git-fixes).\n- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).\n- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).\n- ata: libata-scsi: Improve CDL control (git-fixes).\n- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes).\n- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes).\n- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).\n- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).\n- badblocks: Fix error shitf ops (git-fixes).\n- badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes).\n- badblocks: fix missing bad blocks on retry in _badblocks_check() (git-fixes).\n- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).\n- badblocks: return error directly when setting badblocks exceeds 512 (git-fixes).\n- badblocks: return error if any badblock set fails (git-fixes).\n- blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes).\n- block: change blk_mq_add_to_batch() third argument type to bool (git-fixes).\n- block: fix 'kmem_cache of name 'bio-108' already exists' (git-fixes).\n- block: fix conversion of GPT partition name to 7-bit (git-fixes).\n- block: fix resource leak in blk_register_queue() error path (git-fixes).\n- block: integrity: Do not call set_page_dirty_lock() (git-fixes).\n- block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes).\n- bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes).\n- bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes).\n- bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes).\n- bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes).\n- bpf: add find_containing_subprog() utility function (bsc#1241590).\n- bpf: check changes_pkt_data property for extension programs (bsc#1241590).\n- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).\n- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).\n- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).\n- bpf: track changes_pkt_data property for global functions (bsc#1241590).\n- btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204).\n- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).\n- btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151).\n- btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204).\n- btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204).\n- btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204).\n- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).\n- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).\n- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).\n- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).\n- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes).\n- char: misc: register chrdev region with all possible minors (git-fixes).\n- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).\n- crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes).\n- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).\n- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).\n- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git-fixes).\n- dm-bufio: do not schedule in atomic context (git-fixes).\n- dm-ebs: fix prefetch-vs-suspend race (git-fixes).\n- dm-integrity: set ti->error on memory allocation failure (git-fixes).\n- dm-verity: fix prefetch-vs-suspend race (git-fixes).\n- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).\n- dm: always update the array size in realloc_argv on success (git-fixes).\n- dm: fix copying after src array boundaries (git-fixes).\n- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).\n- drivers: base: devres: Allow to release group on device release (stable-fixes).\n- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).\n- drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes).\n- drm/amd/display: Fix gpu reset in multidisplay config (git-fixes).\n- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).\n- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).\n- drm/amd/display: Force full update in gpu reset (stable-fixes).\n- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).\n- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).\n- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).\n- drm/amd: Handle being compiled without SI or CIK support better (stable-fixes).\n- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes).\n- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).\n- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes).\n- drm/amdkfd: clamp queue size to minimum (stable-fixes).\n- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).\n- drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes).\n- drm/fdinfo: Protect against driver unbind (git-fixes).\n- drm/i915/dg2: wait for HuC load completion before running selftests (stable-fixes).\n- drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes).\n- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes).\n- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes).\n- drm/i915: Disable RPG during live selftest (git-fixes).\n- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable-fixes).\n- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable-fixes).\n- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).\n- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).\n- drm/tests: Add helper to create mock crtc (stable-fixes).\n- drm/tests: Add helper to create mock plane (stable-fixes).\n- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git-fixes).\n- drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes).\n- drm/tests: helpers: Add atomic helpers (stable-fixes).\n- drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable-fixes).\n- drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes).\n- drm/tests: helpers: Fix compiler warning (git-fixes).\n- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).\n- drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes).\n- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).\n- drm: allow encoder mode_set even when connectors change for crtc (stable-fixes).\n- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes).\n- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes).\n- drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes).\n- e1000e: change k1 configuration on MTP and later platforms (git-fixes).\n- eth: bnxt: fix missing ring index trim on error path (git-fixes).\n- ethtool: Fix context creation with no parameters (git-fixes).\n- ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes).\n- ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git-fixes).\n- ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes).\n- ethtool: fix setting key and resetting indir at once (git-fixes).\n- ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes).\n- ethtool: netlink: do not return SQI value if link is down (git-fixes).\n- ethtool: plca: fix plca enable data type while parsing the value (git-fixes).\n- ethtool: rss: echo the context number back (git-fixes).\n- exfat: do not fallback to buffered write (git-fixes).\n- exfat: drop ->i_size_ondisk (git-fixes).\n- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).\n- exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes).\n- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).\n- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).\n- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).\n- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).\n- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).\n- ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556).\n- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).\n- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).\n- ext4: protect ext4_release_dquot against freezing (bsc#1242335).\n- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536).\n- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).\n- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538).\n- fbdev: omapfb: Add 'plane' value check (stable-fixes).\n- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).\n- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).\n- fs/jfs: Prevent integer overflow in AG size calculation (git-fixes).\n- fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes).\n- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250).\n- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528).\n- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).\n- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).\n- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).\n- gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes).\n- gve: handle overflow when reporting TX consumed descriptors (git-fixes).\n- gve: set xdp redirect target only when it is available (git-fixes).\n- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes).\n- i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes).\n- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).\n- ice: Add check for devm_kzalloc() (git-fixes).\n- ice: fix reservation of resources for RDMA when disabled (git-fixes).\n- ice: stop truncating queue ids when checking (git-fixes).\n- idpf: check error for register_netdev() on init (git-fixes).\n- idpf: fix adapter NULL pointer dereference on reboot (git-fixes).\n- igb: reject invalid external timestamp requests for 82580-based HW (git-fixes).\n- igc: add lock preventing multiple simultaneous PTM transactions (git-fixes).\n- igc: cleanup PTP module if probe fails (git-fixes).\n- igc: fix PTM cycle trigger logic (git-fixes).\n- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).\n- igc: increase wait time before retrying PTM (git-fixes).\n- igc: move ktime snapshot into PTM retry loop (git-fixes).\n- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).\n- iio: adc: ad7606: fix serial register access (git-fixes).\n- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).\n- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).\n- iio: adis16201: Correct inclinometer channel resolution (git-fixes).\n- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).\n- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).\n- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).\n- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).\n- ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (git-fixes).\n- irqchip/davinci: Remove leftover header (git-fixes).\n- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes).\n- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).\n- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).\n- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).\n- jbd2: fix off-by-one while erasing journal (bsc#1242344).\n- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).\n- jbd2: increase IO priority for writing revoke records (bsc#1242332).\n- jbd2: increase the journal IO's priority (bsc#1242537).\n- jbd2: remove wrong sb->s_sequence check (bsc#1242343).\n- jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes).\n- jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes).\n- jfs: add sanity check for agwidth in dbMount (git-fixes).\n- kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).\n- kABI workaround for powercap update (bsc#1241010).\n- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes).\n- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).\n- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).\n- loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes).\n- loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes).\n- md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212)\n- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).\n- mei: me: add panther lake H DID (stable-fixes).\n- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes).\n- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes).\n- mm/readahead: fix large folio support in async readahead (bsc#1242321).\n- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).\n- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).\n- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).\n- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable-fixes).\n- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes).\n- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).\n- mptcp: refine opt_mp_capable determination (git-fixes).\n- mptcp: relax check on MPC passive fallback (git-fixes).\n- mptcp: strict validation before using mp_opt->hmac (git-fixes).\n- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).\n- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).\n- net/mlx5: IRQ, Fix null string in debug print (git-fixes).\n- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git-fixes).\n- net/mlx5: Start health poll after enable hca (git-fixes).\n- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes).\n- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes).\n- net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes).\n- net/tcp: refactor tcp_inet6_sk() (git-fixes).\n- net: annotate data-races around sk->sk_dst_pending_confirm (git-fixes).\n- net: annotate data-races around sk->sk_tx_queue_mapping (git-fixes).\n- net: blackhole_dev: fix build warning for ethh set but not used (git-fixes).\n- net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes).\n- net: ethtool: Fix RSS setting (git-fixes).\n- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).\n- net: mana: Switch to page pool for jumbo frames (git-fixes).\n- net: mark racy access on sk->sk_rcvbuf (git-fixes).\n- net: phy: leds: fix memory leak (git-fixes).\n- net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes).\n- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).\n- net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes).\n- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).\n- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).\n- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).\n- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).\n- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).\n- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes).\n- nfs: add missing selections of CONFIG_CRC32 (git-fixes).\n- nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes).\n- ntb: reduce stack usage in idt_scan_mws (stable-fixes).\n- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).\n- nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes).\n- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).\n- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes).\n- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).\n- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).\n- nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git-fixes).\n- nvmet-fcloop: swap list_add_tail arguments (git-fixes).\n- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)\n- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)\n- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)\n- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)\n- phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git-fixes).\n- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).\n- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).\n- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).\n- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes).\n- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).\n- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).\n- powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010).\n- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).\n- powerpc/boot: Check for ld-option support (bsc#1215199).\n- powerpc/boot: Fix dash warning (bsc#1215199).\n- powerpc: Do not use --- in kernel logs (git-fixes).\n- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).\n- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes).\n- pwm: rcar: Improve register calculation (git-fixes).\n- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN\n- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).\n- rpm/package-descriptions: Add rt and rt_debug descriptions\n- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).\n- scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes).\n- scsi: hisi_sas: Enable force phy when SATA disk directly connected (git-fixes).\n- scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes).\n- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag (git-fixes).\n- scsi: mpi3mr: Fix locking in an error path (git-fixes).\n- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).\n- scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes).\n- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).\n- sctp: Fix undefined behavior in left shift operation (git-fixes).\n- sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes).\n- sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).\n- sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes).\n- sctp: fix association labeling in the duplicate COOKIE-ECHO case (git-fixes).\n- sctp: fix busy polling (git-fixes).\n- sctp: prefer struct_size over open coded arithmetic (git-fixes).\n- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).\n- selftests/bpf: Add a few tests to cover (git-fixes).\n- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).\n- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).\n- selftests/bpf: test for changing packet data from global functions (bsc#1241590).\n- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).\n- selftests/futex: futex_waitv wouldblock test should fail (git-fixes).\n- selftests/mm: generate a temporary mountpoint for cgroup filesystem (git-fixes).\n- serial: msm: Configure correct working mode before starting earlycon (git-fixes).\n- serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes).\n- smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265).\n- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).\n- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).\n- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).\n- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).\n- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).\n- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).\n- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).\n- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).\n- string: Add load_unaligned_zeropad() code path to sized_strscpy() (git-fixes).\n- tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes).\n- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).\n- tools/hv: update route parsing in kvp daemon (git-fixes).\n- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175).\n- tools/power turbostat: report CoreThr per measurement interval (git-fixes).\n- tty: n_tty: use uint for space returned by tty_write_room() (git-fixes).\n- ublk: set_params: properly check if parameters can be applied (git-fixes).\n- udf: Fix inode_getblk() return value (bsc#1242313).\n- udf: Skip parent dir link count update if corrupted (bsc#1242315).\n- udf: Verify inode link counts before performing rename (bsc#1242314).\n- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).\n- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).\n- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git-fixes).\n- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git-fixes).\n- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).\n- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).\n- usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes).\n- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).\n- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).\n- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).\n- usb: gadget: f_ecm: Add get_status callback (git-fixes).\n- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).\n- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).\n- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).\n- usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes).\n- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).\n- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).\n- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).\n- usb: uhci-platform: Make the clock really optional (git-fixes).\n- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).\n- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).\n- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).\n- vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes).\n- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).\n- virtchnl: make proto and filter action count unsigned (git-fixes).\n- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).\n- vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394).\n- wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes).\n- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes).\n- wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable-fixes).\n- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).\n- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).\n- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes).\n- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (git-fixes).\n- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable-fixes).\n- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).\n- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).\n- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).\n- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).\n- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).\n- x86/bugs: Add RSB mitigation document (git-fixes).\n- x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).\n- x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes).\n- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).\n- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).\n- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).\n- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).\n- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).\n- x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes).\n- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).\n- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).\n- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).\n- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).\n- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).\n- x86/microcode/intel: Set new revision only after a successful update (git-fixes).\n- x86/microcode: Remove the driver announcement and version (git-fixes).\n- x86/microcode: Rework early revisions reporting (git-fixes).\n- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).\n- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).\n- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).\n- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(),\n  on non-FSRM/ERMS CPUs (git-fixes).\n- xfs: flush inodegc before swapon (git-fixes).\n- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).\n- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167).\n","id":"SUSE-SU-2025:20344-1","modified":"2025-05-23T07:28:27Z","published":"2025-05-23T07:28:27Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202520344-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215199"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223809"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224013"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224597"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224757"},{"type":"REPORT","url":"https://bugzilla.suse.com/1228659"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230764"},{"type":"REPORT","url":"https://bugzilla.suse.com/1231103"},{"type":"REPORT","url":"https://bugzilla.suse.com/1232493"},{"type":"REPORT","url":"https://bugzilla.suse.com/1233075"},{"type":"REPORT","url":"https://bugzilla.suse.com/1233098"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235501"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235526"},{"type":"REPORT","url":"https://bugzilla.suse.com/1236086"},{"type":"REPORT","url":"https://bugzilla.suse.com/1236704"},{"type":"REPORT","url":"https://bugzilla.suse.com/1237111"},{"type":"REPORT","url":"https://bugzilla.suse.com/1238212"},{"type":"REPORT","url":"https://bugzilla.suse.com/1238471"},{"type":"REPORT","url":"https://bugzilla.suse.com/1238527"},{"type":"REPORT","url":"https://bugzilla.suse.com/1238714"},{"type":"REPORT","url":"https://bugzilla.suse.com/1238737"},{"type":"REPORT","url":"https://bugzilla.suse.com/1238742"},{"type":"REPORT","url":"https://bugzilla.suse.com/1238745"},{"type":"REPORT","url":"https://bugzilla.suse.com/1238862"},{"type":"REPORT","url":"https://bugzilla.suse.com/1238961"},{"type":"REPORT","url":"https://bugzilla.suse.com/1238983"},{"type":"REPORT","url":"https://bugzilla.suse.com/1239079"},{"type":"REPORT","url":"https://bugzilla.suse.com/1239108"},{"type":"REPORT","url":"https://bugzilla.suse.com/1239470"},{"type":"REPORT","url":"https://bugzilla.suse.com/1239476"},{"type":"REPORT","url":"https://bugzilla.suse.com/1239487"},{"type":"REPORT","url":"https://bugzilla.suse.com/1239510"},{"type":"REPORT","url":"https://bugzilla.suse.com/1239997"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240181"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240557"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240576"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240655"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240709"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240712"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240713"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240717"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240740"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240785"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240802"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240809"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240811"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240835"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240934"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240936"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240944"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241010"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241038"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241051"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241123"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241151"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241167"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241175"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241204"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241250"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241265"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241266"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241280"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241332"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241333"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241341"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241343"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241344"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241347"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241357"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241361"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241369"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241371"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241373"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241378"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241394"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241402"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241412"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241413"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241416"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241424"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241426"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241433"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241436"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241441"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241442"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241443"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241451"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241452"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241456"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241458"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241459"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241526"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241528"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241537"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241541"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241545"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241547"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241548"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241550"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241573"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241574"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241575"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241578"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241590"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241593"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241598"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241599"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241601"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241626"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241640"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241648"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242006"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242044"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242172"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242283"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242307"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242313"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242314"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242315"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242321"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242326"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242327"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242328"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242332"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242333"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242335"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242336"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242342"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242343"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242344"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242345"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242346"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242347"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242348"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242414"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242526"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242528"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242534"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242535"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242536"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242537"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242538"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242539"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242540"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242546"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242556"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242596"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242710"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242778"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242831"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242985"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-53034"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-27018"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-27415"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-28956"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-35840"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-46763"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-46865"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-50083"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-50162"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-50163"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56641"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56702"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-57924"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-57998"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-58001"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-58068"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-58070"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-58088"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-58093"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-58094"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-58095"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-58096"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-58097"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21683"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21696"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21707"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21758"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21768"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21792"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21808"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21812"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21833"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21852"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21853"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21854"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21867"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21904"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21925"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21926"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21931"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21962"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21963"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21964"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21980"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21985"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-21999"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22004"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22015"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22016"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22017"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22018"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22020"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22025"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22027"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22029"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22033"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22036"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22044"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22045"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22050"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22053"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22055"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22058"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22060"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22062"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22064"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22065"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22075"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22080"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22086"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22088"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22090"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22093"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22097"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22102"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22104"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22105"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22106"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22107"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22108"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22109"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22115"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22116"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22121"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22128"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-23129"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-23131"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-23133"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-23136"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-23138"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-23145"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-37785"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-37798"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-37799"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-37860"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-39728"}],"related":["CVE-2023-53034","CVE-2024-27018","CVE-2024-27415","CVE-2024-28956","CVE-2024-35840","CVE-2024-46763","CVE-2024-46865","CVE-2024-50083","CVE-2024-50162","CVE-2024-50163","CVE-2024-56641","CVE-2024-56702","CVE-2024-57924","CVE-2024-57998","CVE-2024-58001","CVE-2024-58068","CVE-2024-58070","CVE-2024-58088","CVE-2024-58093","CVE-2024-58094","CVE-2024-58095","CVE-2024-58096","CVE-2024-58097","CVE-2025-21683","CVE-2025-21696","CVE-2025-21707","CVE-2025-21758","CVE-2025-21768","CVE-2025-21792","CVE-2025-21808","CVE-2025-21812","CVE-2025-21833","CVE-2025-21852","CVE-2025-21853","CVE-2025-21854","CVE-2025-21867","CVE-2025-21904","CVE-2025-21925","CVE-2025-21926","CVE-2025-21931","CVE-2025-21962","CVE-2025-21963","CVE-2025-21964","CVE-2025-21980","CVE-2025-21985","CVE-2025-21999","CVE-2025-22004","CVE-2025-22015","CVE-2025-22016","CVE-2025-22017","CVE-2025-22018","CVE-2025-22020","CVE-2025-22025","CVE-2025-22027","CVE-2025-22029","CVE-2025-22033","CVE-2025-22036","CVE-2025-22044","CVE-2025-22045","CVE-2025-22050","CVE-2025-22053","CVE-2025-22055","CVE-2025-22058","CVE-2025-22060","CVE-2025-22062","CVE-2025-22064","CVE-2025-22065","CVE-2025-22075","CVE-2025-22080","CVE-2025-22086","CVE-2025-22088","CVE-2025-22090","CVE-2025-22093","CVE-2025-22097","CVE-2025-22102","CVE-2025-22104","CVE-2025-22105","CVE-2025-22106","CVE-2025-22107","CVE-2025-22108","CVE-2025-22109","CVE-2025-22115","CVE-2025-22116","CVE-2025-22121","CVE-2025-22128","CVE-2025-23129","CVE-2025-23131","CVE-2025-23133","CVE-2025-23136","CVE-2025-23138","CVE-2025-23145","CVE-2025-37785","CVE-2025-37798","CVE-2025-37799","CVE-2025-37860","CVE-2025-39728"],"summary":"Security update for the Linux Kernel","upstream":["CVE-2023-53034","CVE-2024-27018","CVE-2024-27415","CVE-2024-28956","CVE-2024-35840","CVE-2024-46763","CVE-2024-46865","CVE-2024-50083","CVE-2024-50162","CVE-2024-50163","CVE-2024-56641","CVE-2024-56702","CVE-2024-57924","CVE-2024-57998","CVE-2024-58001","CVE-2024-58068","CVE-2024-58070","CVE-2024-58088","CVE-2024-58093","CVE-2024-58094","CVE-2024-58095","CVE-2024-58096","CVE-2024-58097","CVE-2025-21683","CVE-2025-21696","CVE-2025-21707","CVE-2025-21758","CVE-2025-21768","CVE-2025-21792","CVE-2025-21808","CVE-2025-21812","CVE-2025-21833","CVE-2025-21852","CVE-2025-21853","CVE-2025-21854","CVE-2025-21867","CVE-2025-21904","CVE-2025-21925","CVE-2025-21926","CVE-2025-21931","CVE-2025-21962","CVE-2025-21963","CVE-2025-21964","CVE-2025-21980","CVE-2025-21985","CVE-2025-21999","CVE-2025-22004","CVE-2025-22015","CVE-2025-22016","CVE-2025-22017","CVE-2025-22018","CVE-2025-22020","CVE-2025-22025","CVE-2025-22027","CVE-2025-22029","CVE-2025-22033","CVE-2025-22036","CVE-2025-22044","CVE-2025-22045","CVE-2025-22050","CVE-2025-22053","CVE-2025-22055","CVE-2025-22058","CVE-2025-22060","CVE-2025-22062","CVE-2025-22064","CVE-2025-22065","CVE-2025-22075","CVE-2025-22080","CVE-2025-22086","CVE-2025-22088","CVE-2025-22090","CVE-2025-22093","CVE-2025-22097","CVE-2025-22102","CVE-2025-22104","CVE-2025-22105","CVE-2025-22106","CVE-2025-22107","CVE-2025-22108","CVE-2025-22109","CVE-2025-22115","CVE-2025-22116","CVE-2025-22121","CVE-2025-22128","CVE-2025-23129","CVE-2025-23131","CVE-2025-23133","CVE-2025-23136","CVE-2025-23138","CVE-2025-23145","CVE-2025-37785","CVE-2025-37798","CVE-2025-37799","CVE-2025-37860","CVE-2025-39728"]}