- qemu
-
Fix bsc#1209554 (CVE-2023-1544)
* Patches added:
0296-hw-pvrdma-Protect-against-buggy-or-.patch
- runc
-
- Update to runc v1.3.4. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.4>. bsc#1254362
- Update to runc v1.3.3. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.3>. bsc#1252232
* CVE-2025-31133
* CVE-2025-52565
* CVE-2025-52881
- Remove upstreamed patches for bsc#1252232:
- 2025-11-05-CVEs.patch
[ This update was only released for SLE 12 and 15. ]
- Backport patches for three CVEs. All three vulnerabilities ultimately allow
(through different methods) for full container breakouts by bypassing runc's
restrictions for writing to arbitrary /proc files. bsc#1252232
* CVE-2025-31133
* CVE-2025-52565
* CVE-2025-52881
+ 2025-11-05-CVEs.patch
[ This update was only released for SLE 12 and 15. ]
- Update to runc v1.2.7. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.2.7>.
- Update to runc v1.3.2. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.2> bsc#1252110
- Includes an important fix for the CPUSet translation for cgroupv2.
- Update to runc v1.3.1. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.1>
- Fix runc 1.3.x builds on SLE-12 by enabling --std=gnu11.
- Update to runc v1.3.0. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.0>
- gnutls
-
- Security fix bsc#1254132 CVE-2025-9820
* Fix buffer overflow in gnutls_pkcs11_token_init
* Added gnutls-CVE-2025-9820.patch
- _product:sle-sdk-release
-
n/a
- vim
-
- Fix for bsc#1229750.
- nocompatible must be set before the syntax highlighting is turned on.
- bash
-
- Add patch bsc1245199.patch
* Fix histfile missing timestamp for the oldest record (bsc#1245199)
- libtasn1
-
- Security fix: [bsc#1256341, CVE-2025-13151]
* Stack-based buffer overflow. The function asn1_expend_octet_string()
fails to validate the size of input data resulting in a buffer overflow.
* Add libtasn1-CVE-2025-13151.patch
- openssh
-
- Add openssh-cve-2025-61984-username-validation.patch
(bsc#1251198, CVE-2025-61984).
- libpcap
-
- Security fix: [bsc#1255765, CVE-2025-11961]
* Fix out-of-bound-write and out-of-bound-read in pcap_ether_aton()
due to missing validation of provided MAC-48 address string
* Add libpcap-CVE-2025-11961.patch
- libpng16
-
- security update
- added patches
CVE-2026-22695 [bsc#1256525], Heap buffer over-read in png_image_finish_read
* libpng16-CVE-2026-22695.patch
- security update
- added patches
CVE-2025-66293 [bsc#1254480], LIBPNG out-of-bounds read in png_image_read_composite
* libpng16-CVE-2025-66293-1.patch
* libpng16-CVE-2025-66293-2.patch
- security update
- modified patches
* libpng16-1.6.8-CVE-2014-0333.patch (-p1)
* libpng16-CVE-2014-9495.patch (-p1)
* libpng16-CVE-2015-0973.patch (-p1)
* libpng16-CVE-2015-8126-complete.patch (-p1)
* libpng16-CVE-2015-8126.patch (-p1)
- added patches
CVE-2025-64505 [bsc#1254157], heap buffer over-read in `png_do_quantize` via malformed palette index
* libpng16-CVE-2025-64505.patch
CVE-2025-64506 [bsc#1254158], heap buffer over-read in `png_write_image_8bit` with 8-bit input and `convert_to_8bit` enabled
* libpng16-CVE-2025-64506.patch
CVE-2025-64720 [bsc#1254159], buffer overflow in `png_image_read_composite` via incorrect palette premultiplication
* libpng16-CVE-2025-64720.patch
CVE-2025-65018 [bsc#1254160], heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`
* libpng16-CVE-2025-65018.patch
- python-pyasn1
-
- fix regression in tests from CVE-2026-23490.patch (bsc#1257129)
- Add CVE-2026-23490.patch to fix CVE-2026-23490 (bsc#1256902)
- libyui-ncurses
-
- Backport: Prevent buffer overflow when drawing very wide labels
(originally for bsc#1211354, now also for bsc#1247975)
- 2.48.3
- curl
-
- Security fix: [bsc#1256105, CVE-2025-14017]
* call ldap_init() before setting the options
* Add patch curl-CVE-2025-14017.patch
- Security fixes:
* [bsc#1255731, CVE-2025-14524] bearer token leak on cross-protocol redirect
* [bsc#1255733, CVE-2025-15079] set both knownhosts options to the same file
* [bsc#1255732, CVE-2025-14819] toggling CURLSSLOPT_NO_PARTIALCHAIN makes a different CA cache
* Add patches:
- curl-CVE-2025-14524.patch
- curl-CVE-2025-15079.patch
- curl-CVE-2025-14819.patch
- pciutils
-
- pciutils.spec: Add a strict dependency to libpci. [bsc#1252338]
Mixing different versions of pciutils and libpci could result in
a segmentation fault due to incompatible ABI.
- mozilla-nspr
-
- update to NSPR 4.36.2
* Fixed a syntax error in test file parsetm.c,
which was introduced in 4.36.1
- update to NSPR 4.36.1
* Incorrect time value produced by PR_ParseTimeString and
PR_ParseTimeStringToExplodedTime if input string doesn't
specify seconds.
- openssl-1_0_0
-
- Security fixes:
* Missing ASN1_TYPE validation in PKCS#12 parsing
* ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function
- openssl-CVE-2026-22796.patch [bsc#1256840, CVE-2026-22796]
* Missing ASN1_TYPE validation in TS_RESP_verify_response() function
- openssl-CVE-2025-69420.patch [bsc#1256837, CVE-2025-69420]
* NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function
- openssl-CVE-2025-69421.patch [bsc#1256838, CVE-2025-69421]
* Heap out-of-bounds write in BIO_f_linebuffer on short writes
- openssl-CVE-2025-68160.patch [bsc#1256834, CVE-2025-68160]
- xen
-
- bsc#1256745 - VUL-0: CVE-2025-58150: xen: x86: buffer overrun
with shadow paging + tracing (XSA-477)
xsa477.patch
- bsc#1256747 - VUL-0: CVE-2026-23553: xen: x86: incomplete IBPB
for vCPU isolation (XSA-479)
xsa479.patch
- bsc#1252692 - VUL-0: CVE-2025-58149: xen: incorrect removal of
permissions on PCI device unplug allows PV guests to access
memory of devices no longer assigned to it (XSA-476)
xsa476.patch
- libxslt
-
- security update
- added patches
CVE-2025-11731 [bsc#1251979], type confusion in exsltFuncResultCompfunction leading to denial of service
* libxslt-CVE-2025-11731.patch
- propagate test failure into build failure
- added sources
* libxslt-test-results.ref
- amazon-ssm-agent
-
- Add CVE-2025-47913.patch to fix an SSH client process terminating
when receiving an unexpected message type in response to a key
listing or signing request (bsc#1253611, CVE-2025-47913)
- python
-
- Add CVE-2025-13836-http-resp-cont-len.patch (bsc#1254400,
CVE-2025-13836) to prevent reading an HTTP response from
a server, if no read amount is specified, with using
Content-Length per default as the length.
- Add CVE-2025-12084-minidom-quad-search.patch prevent quadratic
behavior in node ID cache clearing (CVE-2025-12084,
bsc#1254997).
- Add CVE-2025-8291-consistency-zip64.patch which checks
consistency of the zip64 end of central directory record, and
preventing obfuscation of the payload, i.e., you scanning for
malicious content in a ZIP file with one ZIP parser (let's say
a Rust one) then unpack it in production with another (e.g.,
the Python one) and get malicious content that the other parser
did not see (CVE-2025-8291, bsc#1251305)
- cups
-
- cups-1.7.5-CVE-2025-61915.patch is based on
https://github.com/OpenPrinting/cups-ghsa-hxm8-vfpq-jrfc/pull/2
backported to CUPS 1.7.5 to fix CVE-2025-61915
"Local denial-of-service via cupsd.conf update
and related issues"
https://github.com/OpenPrinting/cups/security/advisories/GHSA-hxm8-vfpq-jrfc
bsc#1253783
- In general regarding CUPS security issues and/or DoS issues see
https://en.opensuse.org/SDB:CUPS_and_SANE_Firewall_settings
- glib2
-
- Add glib2-CVE-2026-0988.patch: fix a potential integer overflow
in g_buffered_input_stream_peek (bsc#1257049 CVE-2026-0988
glgo#GNOME/glib#3851).
- Add CVE fixes:
+ glib2-CVE-2025-13601.patch (bsc#1254297 CVE-2025-13601
glgo#GNOME/glib#3827).
+ glib2-CVE-2025-14087-1.patch, glib2-CVE-2025-14087-2.patch,
glib2-CVE-2025-14087-3.patch (bsc#1254662 CVE-2025-14087
glgo#GNOME/glib#3834).
+ glib2-CVE-2025-14512.patch (bsc#1254878 CVE-2025-14512
glgo#GNOME/glib#3845).
- Add glib2-CVE-2025-7039.patch: fix computation of temporary file
name (bsc#1249055 CVE-2025-7039 glgo#GNOME/glib#3716).
- rsync
-
- Fix bsc#1252351
* Fix order of cihpers in rsync-fix-daemon-proto-32.patch
* rsync client from SLES 12SP5 LTSS fails with "auth failed on module" after installing rsync-3.1.3-3.31.1
- Security update (CVE-2025-10158, bsc#1254441): rsync: Out of
bounds array access via negative index
- Add rsync-CVE-2025-10158.patch
- containerd
-
- Update to containerd v1.7.29. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.29>
* CVE-2024-25621 bsc#1253126
* CVE-2025-64329 bsc#1253132
- Rebase patches:
* 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch
- Update to containerd v1.7.28. Upstream release notes:
<https://github.com/containerd/containerd/releases/tag/v1.7.28>
- bind
-
- Security Fixes:
* Address various spoofing attacks.
[CVE-2025-40778, bsc#1252379, bind-9.11-CVE-2025-40778.patch]
- docker
-
- Enable SELinux in default daemon.json config (--selinux-enabled). This has no
practical impact on non-SELinux systems. bsc#1252290
- Update to Docker 28.5.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2851>
- Rebased patches:
* 0001-SECRETS-SUSE-always-clear-our-internal-secrets.patch
* 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0004-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0006-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-openSUSE-point-users-to-docker-buildx-package.patch
* cli-0002-SECRETS-SUSE-default-to-DOCKER_BUILDKIT-0-for-docker.patch
- Remove upstreamed patch:
- 0007-Add-back-vendor.sum.patch
- Update to Docker 28.5.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2850>
- Backport <https://github.com/moby/moby/pull/51091> to re-add vendor.sum,
fixing our builds.
+ 0007-Add-back-vendor.sum.patch
- Rebased patches:
* 0001-SECRETS-SUSE-always-clear-our-internal-secrets.patch
* 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0004-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
* 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0006-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
* cli-0001-openSUSE-point-users-to-docker-buildx-package.patch
* cli-0002-SECRETS-SUSE-default-to-DOCKER_BUILDKIT-0-for-docker.patch
- Update to docker-buildx v0.29.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.29.0>
- Remove git-core recommends also on openSUSE: the below argument
is valid for those users too.
- Remove git-core recommends on SLE. Most SLE systems have
installRecommends=yes by default and thus end up installing git with Docker.
bsc#1250508
This feature is mostly intended for developers ("docker build git://") so
most users already have the dependency installed, and the error when git is
missing is fairly straightforward (so they can easily figure out what they
need to install).
- python3
-
- Readjust CVE-2025-4435-normalize-lnk-trgts-tarfile.patch on the
top of the previous patch. Security fixes for CVE-2025-4517,
CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 on
tarfile (bsc#1244032, bsc#1244061, bsc#1244059, bsc#1244060,
bsc#1244056). The backported fixes do not contain changes for
ntpath.py and related tests, because the support for symlinks
and junctions were added later in Python 3.9, and it does not
make sense to backport them to 3.6 here. The patch is contains
the following changes:
- python@42deeab fixes symlink handling for tarfile.data_filter
- python@9d2c2a8 fixes handling of existing files/symlinks in
tarfile
- python@00af979 adds a new "strict" argument to realpath()
- python@dd8f187 fixes mulriple CVE fixes in the tarfile module
- downstream only fixes that makes the changes work and
compatible with Python 3.6
- Readjust CVE-2025-8194-tarfile-no-neg-offsets.patch on the top
of the previous two patches
- Add remove-usr-local-bin-shebangs.patch for removing two
shebangs with /usr/local/bin/python (with the complexity of the
current patchset fiddling with the files with `sed` makes those
patches unmaintainable).
- Finally ported CVE-2007-4559-filter-tarfile_extractall.patch
for Python 3.4 (CVE-2007-4559, bsc#1203750, bsc#1251841).
- Add CVE-2025-13836-http-resp-cont-len.patch (bsc#1254400,
CVE-2025-13836) to prevent reading an HTTP response from
a server, if no read amount is specified, with using
Content-Length per default as the length.
- Add CVE-2025-12084-minidom-quad-search.patch prevent quadratic
behavior in node ID cache clearing (CVE-2025-12084,
bsc#1254997).
- Add CVE-2025-13837-plistlib-mailicious-length.patch protect
against OOM when loading malicious content (CVE-2025-13837,
bsc#1254401).
- Fix the build system with two patches:
- spc-tab-Makefile-pre-in.patch there are space-indended lines
in the Makefile.pre.in in tarball (!!!), fix that
- Modules_Setup.patch, Modules/makesetup script is kind of
broken (gh#python/cpython!4338 among others)
- time-static.patch make time module statically built into the
interpreter
- Add s390-build.patch to skip failing test on s390.
- Add CVE-2025-6075-expandvars-perf-degrad.patch avoid simple
quadratic complexity vulnerabilities of os.path.expandvars()
(CVE-2025-6075, bsc#1252974).
- Add also two small patches:
- lchmod-non-support.patch adding @requires_lchmod operator
for skipping tests on platforms were changing the mode of
symbolic links is supported (which it isn’t in SLE-12,
apparently).
- locale-test_float_with_commad.patch for decoding byte strings
in localeconv() for consistent output
- Update pip wheel to pip-20.2.3-py2.py3-none-any.whl.
- Add CVE-2025-8291-consistency-zip64.patch which checks
consistency of the zip64 end of central directory record, and
preventing obfuscation of the payload, i.e., you scanning for
malicious content in a ZIP file with one ZIP parser (let's say
a Rust one) then unpack it in production with another (e.g.,
the Python one) and get malicious content that the other parser
did not see (CVE-2025-8291, bsc#1251305)
- Readjust patches while synchronizing between openSUSE and SLE trees:
- 99366-patch.dict-can-decorate-async.patch
- CVE-2007-4559-filter-tarfile_extractall.patch
- CVE-2020-10735-DoS-no-limit-int-size.patch
- CVE-2024-6232-ReDOS-backtrack-tarfile.patch
- CVE-2025-4435-normalize-lnk-trgts-tarfile.patch
- CVE-2025-8194-tarfile-no-neg-offsets.patch
- python-3.6.0-multilib-new.patch
- python3-sorted_tar.patch
- mozilla-nss
-
- Add bmo1990242.patch to move NSS DB password hash away from SHA-1
- update to NSS 3.112.2
* bmo#1970079 - Prevent leaks during pkcs12 decoding.
* bmo#1988046 - SEC_ASN1Decode* should ensure it has read as many bytes as each length field indicates
- Adding patch bmo1980465.patch to fix bug on s390x (bmo#1980465)
- Adding patch bmo1956754.patch to fix possible undefined behaviour (bmo#1956754)
- update to NSS 3.112.1
* bmo#1982742 - restore support for finding certificates by decoded serial number.
- grub2
-
- Fix CVE-2025-54771 (bsc#1252931)
* 0001-kern-file-Call-grub_dl_unref-after-fs-fs_close.patch
- Fix CVE-2025-61662 (bsc#1252933)
* 0002-gettext-gettext-Unregister-gettext-command-on-module.patch
- Fix CVE-2025-61663 (bsc#1252934)
- Fix CVE-2025-61664 (bsc#1252935)
* 0003-normal-main-Unregister-commands-on-module-unload.patch
* 0004-tests-lib-functional_test-Unregister-commands-on-mod.patch
- Fix CVE-2025-61661 (bsc#1252932)
* 0005-commands-usbtest-Use-correct-string-length-field.patch
* 0006-commands-usbtest-Ensure-string-length-is-sufficient-.patch
- Bump upstream SBAT generation to 6
- libxml2
-
- security update
- added patches
https://gitlab.gnome.org/GNOME/libxml2/-/commit/852c93a2dc2224f020aab55a9702f992db404836
* libxml2-CVE-2025-9714-0.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/5153c7baceca65f575efdcbb0244860d97031f96
* libxml2-CVE-2025-9714-1.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/64115ed62dd01dab81a9157a54738523fe117333
* libxml2-CVE-2025-9714-2.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2d97a97aa515f1bd3efc35c8ea2aa68676c6f8e1
* libxml2-CVE-2025-9714-3.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/012f8e92847a4e5ff684e7bd8e81a0b1ad104e32
* libxml2-CVE-2025-9714-4.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/949eced484520bdde3348e55eba048501b809127
* libxml2-CVE-2025-9714-5.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/390f05e7033fa8658f310dce9704f4f88e84b7fe
* libxml2-CVE-2025-9714-6.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/429d4ecaae5d61d591f279220125a583836fb84e
* libxml2-CVE-2025-9714-7.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6f1470a5d6e3e369fe93f52d5760ba7c947f0cd1
* libxml2-CVE-2025-9714-8.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21
* libxml2-CVE-2025-9714.patch
- security update
- added patches
CVE-2025-8732 [bsc#1247850], infinite recursion in catalog parsing functions when processing malformed SGML catalog files
* libxml2-CVE-2025-8732.patch
- kernel-default
-
- Fix hugetlb locking regression (bsc#1256684)
Refresh
patches.suse/mm-hugetlb-fix-UAF-in-hugetlb_handle_userfault.patch.
- commit 9a8d34e
- Refresh
patches.suse/mm-hugetlb-fix-UAF-in-hugetlb_handle_userfault.patch.
Add a missing hunk which caused bsc#1256684.
- commit 85d641b
- Remove patches.suse/fbdev-bitblit-bound-check-glyph-index-in-bit_putcs.patch (bsc#1256516)
This patch regresses fbcon output. We'll re-merge when the fix is ready.
- commit 394393a
- Bluetooth: Fix race condition in hidp_session_thread
(CVE-2023-54120 bsc#1256133).
- commit 5460154
- Update bug reference for patches.suse/drm-amdgpu-Fix-potential-NULL-dereference.patch (bsc#1251738)
- commit d91a743
- amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
(CVE-2023-53819 bsc#1254712).
- Refresh
patches.suse/0001-drm-amdgpu-validate-the-parameters-of-bo-mapping-ope.patch.
- commit 7ec6aaf
- mm: hugetlb: fix UAF in hugetlb_handle_userfault (CVE-2022-50630
bsc#1254785).
- commit a1aa6ca
- Update
patches.suse/0002-drm-client-Fix-memory-leak-in-drm_client_target_clon.patch
(bsc#1152446 CVE-2023-54091 bsc#1256274).
- Update
patches.suse/PCI-Fix-pci_device_is_present-for-VFs-by-checking-PF.patch
(git-fixes CVE-2022-50636 bsc#1254645).
- Update
patches.suse/RDMA-mlx4-Prevent-shift-wrapping-in-set_user_sq_size.patch
(git-fixes CVE-2023-54168 bsc#1256053).
- Update
patches.suse/Revert-Bluetooth-btsdio-fix-use-after-free-bug-in-bt.patch
(git-fixes CVE-2023-54197 bsc#1255969).
- Update
patches.suse/SUNRPC-Don-t-leak-netobj-memory-when-gss_read_proxy_.patch
(git-fixes CVE-2022-50821 bsc#1256242).
- Update patches.suse/USB-sisusbvga-Add-endpoint-checks.patch
(git-fixes CVE-2023-54213 bsc#1255953).
- Update
patches.suse/af_unix-Fix-data-races-around-sk-sk_shutdown.patch-e1d09c2c
(bsc#1226846 CVE-2023-54226 bsc#1255841).
- Update
patches.suse/audit-fix-possible-soft-lockup-in-__audit_inode_chil.patch
(git-fixes CVE-2023-54045 bsc#1256285).
- Update
patches.suse/blk-cgroup-Fix-NULL-deref-caused-by-blkg_policy_data-being-installed-before-init.patch
(bsc#1216062 bsc#1225203 CVE-2023-54271 bsc#1255902).
- Update
patches.suse/btrfs-fix-lockdep-splat-and-potential-deadlock-after.patch
(git-fixes CVE-2023-54224 bsc#1255951).
- Update
patches.suse/btrfs-fix-race-when-deleting-quota-root-from-the-dir.patch
(git-fixes CVE-2023-54032 bsc#1255617).
- Update
patches.suse/cifs-Fix-lost-destroy-smbd-connection-when-MR-allocate-failed.patch
(bsc#1190317 CVE-2023-54260 bsc#1255878).
- Update
patches.suse/cifs-Fix-the-error-length-of-VALIDATE_NEGOTIATE_INFO-message.patch
(bsc#1190317 CVE-2022-50859 bsc#1256172).
- Update
patches.suse/cifs-Fix-xid-leak-in-cifs_copy_file_range-.patch
(bsc#1190317 CVE-2022-50643 bsc#1254631).
- Update
patches.suse/dm-flakey-don-t-corrupt-the-zero-page-f507.patch
(git-fixes CVE-2023-54317 bsc#1255771).
- Update
patches.suse/dm-flakey-fix-a-crash-with-invalid-table-line-98db.patch
(git-fixes CVE-2023-53786 bsc#1254916).
- Update
patches.suse/ext4-fix-bug_on-in-__es_tree_search-caused-by-bad-bo.patch
(bsc#1207620 CVE-2022-50638 bsc#1255469).
- Update
patches.suse/ext4-fix-deadlock-due-to-mbcache-entry-corruption.patch
(bsc#1207653 CVE-2022-50668 bsc#1254763).
- Update
patches.suse/ext4-set-goal-start-correctly-in-ext4_mb_normalize_r.patch
(bsc#1214940 CVE-2023-54021 bsc#1255600).
- Update
patches.suse/ext4-silence-the-warning-when-evicting-inode-with-di.patch
(bsc#1206889 CVE-2022-50730 bsc#1256048).
- Update
patches.suse/fs-sysv-Null-check-to-prevent-null-ptr-deref-bug.patch
(git-fixes CVE-2023-54264 bsc#1255872).
- Update patches.suse/hfs-Fix-OOB-Write-in-hfs_asc2mac.patch
(git-fixes CVE-2022-50747 bsc#1256432).
- Update
patches.suse/hfs-fix-missing-hfs_bnode_get-in-__hfs_bnode_create.patch
(git-fixes CVE-2023-53862 bsc#1254994).
- Update
patches.suse/hfs-hfsplus-avoid-WARN_ON-for-sanity-check-use-prope.patch
(git-fixes CVE-2023-54130 bsc#1256114).
- Update
patches.suse/igb-clean-up-in-all-error-paths-when-enabling-SR-IOV.patch
(git-fixes CVE-2023-54070 bsc#1256364).
- Update
patches.suse/inotify-Avoid-reporting-event-with-invalid-wd.patch
(bsc#1213025 CVE-2023-54119 bsc#1256349).
- Update
patches.suse/ipmi-fix-use-after-free-in-_ipmi_destroy_user.patch
(git-fixes CVE-2022-50677 bsc#1254692).
- Update
patches.suse/keys-Fix-linking-a-duplicate-key-to-a-keyring-s-asso.patch
(bsc#1207088 CVE-2023-54170 bsc#1256045).
- Update
patches.suse/l2tp-Avoid-possible-recursive-deadlock-in-l2tp_tunne.patch
(CVE-2023-53020 bsc#1240224 CVE-2023-53809 bsc#1254722).
- Update
patches.suse/md-raid1-stop-mdx_raid1-thread-when-raid1-array-run-failed-b611.patch
(git-fixes CVE-2022-50715 bsc#1255749).
- Update
patches.suse/md-raid10-fix-memleak-for-conf-bio_split-c9ac.patch
(git-fixes CVE-2023-54123 bsc#1256142).
- Update
patches.suse/md-raid10-fix-memleak-of-md-thread-f0dd.patch
(git-fixes CVE-2023-54294 bsc#1255802).
- Update
patches.suse/md-raid10-fix-null-ptr-deref-in-raid10_sync_request-a405.patch
(git-fixes CVE-2023-53832 bsc#1254671).
- Update
patches.suse/media-dvb-usb-m920x-Fix-a-potential-memory-leak-in-m.patch
(git-fixes CVE-2023-54266 bsc#1255875).
- Update
patches.suse/media-usb-siano-Fix-use-after-free-bugs-caused-by-do.patch
(bsc#1213969 CVE-2023-4132 CVE-2023-54270 bsc#1255901).
- Update
patches.suse/net-do-not-allow-gso_size-to-be-set-to-GSO_BY_FRAGS.patch
(git-fixes CVE-2023-54051 bsc#1256394).
- Update
patches.suse/net-ieee802154-don-t-warn-zero-sized-raw_sendmsg.patch
(CVE-2022-49975 bsc#1245196 CVE-2022-50706 bsc#1255581).
- Update
patches.suse/orangefs-Fix-kmemleak-in-orangefs_prepare_debugfs_help_string.patch
(git-fixes CVE-2022-50779 bsc#1256423).
- Update
patches.suse/perf-x86-intel-uncore-Fix-reference-count-leak-in-snr_uncore_mmio_map.patch
(jsc#PED-5023 bsc#1211439 (git-fixes) CVE-2022-50615
bsc#1254580).
- Update
patches.suse/powerpc-iommu-Fix-notifiers-being-shared-by-PCI-and-.patch
(bsc#1065729 CVE-2023-54095 bsc#1256271).
- Update
patches.suse/powerpc-pseries-fix-possible-memory-leak-in-ibmebus_.patch
(bsc#1065729 CVE-2023-54017 bsc#1255605).
- Update
patches.suse/powerpc-rtas-avoid-device-tree-lookups-in-rtas_os_te.patch
(bsc#1065729 CVE-2022-50870 bsc#1256154).
- Update
patches.suse/pstore-Avoid-kcore-oops-by-vmap-ing-with-VM_IOREMAP.patch
(git-fixes CVE-2022-50849 bsc#1256193).
- Update patches.suse/quota-fix-warning-in-dqgrab.patch
(bsc#1214962 CVE-2023-54177 bsc#1255993).
- Update
patches.suse/s390-lcs-Fix-return-type-of-lcs_start_xmit.patch
(git-fixes bsc#1212173 CVE-2022-50728 bsc#1256046).
- Update
patches.suse/s390-vfio-ap-fix-memory-leak-in-vfio_ap-device-drive.patch
(git-fixes CVE-2023-53746 bsc#1254617).
- Update
patches.suse/scsi-hpsa-Fix-possible-memory-leak-in-hpsa_init_one.patch
(git-fixes CVE-2022-50646 bsc#1254634).
- Update patches.suse/scsi-ipr-Fix-WARNING-in-ipr_init.patch
(git-fixes CVE-2022-50850 bsc#1256194).
- Update
patches.suse/scsi-lpfc-Fix-ioremap-issues-in-lpfc_sli4_pci_mem_setup.patch
(git-fixes CVE-2023-53754 bsc#1254609).
- Update
patches.suse/scsi-qedf-Fix-NULL-dereference-in-error-handling.patch
(git-fixes CVE-2023-54289 bsc#1255806).
- Update
patches.suse/scsi-qla2xxx-Array-index-may-go-out-of-bound.patch
(bsc#1213747 CVE-2023-54179 bsc#1255994).
- Update
patches.suse/scsi-qla2xxx-Check-valid-rport-returned-by-fc_bsg_to.patch
(bsc#1213747 CVE-2023-54014 bsc#1256300).
- Update
patches.suse/scsi-qla2xxx-fix-dma-api-call-trace-on-nvme-ls-requests.patch
(bsc#1208570 CVE-2023-54108 bsc#1256355).
- Update
patches.suse/scsi-ses-Fix-slab-out-of-bounds-in-ses_enclosure_data_process.patch
(git-fixes CVE-2023-53803 bsc#1255165).
- Update
patches.suse/scsi-snic-Fix-possible-UAF-in-snic_tgt_create.patch
(git-fixes CVE-2022-50840 bsc#1256208).
- Update
patches.suse/serial-8250-Fix-oops-for-port-pm-on-uart_change_pm.patch
(CVE-2023-53176 bsc#1249991 CVE-2023-54220 bsc#1255949).
- Update
patches.suse/tpm-tpm_tis-Add-the-missed-acpi_put_table-to-fix-mem.patch
(bsc#1082555 CVE-2022-50824 bsc#1256334).
- Update
patches.suse/tpm-tpm_vtpm_proxy-fix-a-race-condition-in-dev-vtpmx.patch
(bsc#1082555 CVE-2023-54309 bsc#1255780).
- Update
patches.suse/tracing-Fix-warning-in-trace_buffered_event_disable.patch
(git-fixes bsc#1217036 CVE-2023-54211 bsc#1255843).
- Update patches.suse/udf-Avoid-double-brelse-in-udf_rename.patch
(bsc#1213032 CVE-2022-50755 bsc#1256199).
- Update
patches.suse/usb-early-xhci-dbc-Fix-a-potential-out-of-bound-memo.patch
(git-fixes CVE-2023-53840 bsc#1254709).
- Update
patches.suse/usb-idmouse-fix-an-uninit-value-in-idmouse_open.patch
(git-fixes CVE-2022-50733 bsc#1256064).
- Update
patches.suse/usb-rndis_host-Secure-rndis_query-check-against-int-.patch
(CVE-2023-23559 bsc#1207051 CVE-2023-54110 bsc#1256353).
- Update
patches.suse/usb-storage-alauda-Fix-uninit-value-in-alauda_check_.patch
(git-fixes CVE-2023-53847 bsc#1254698).
- Update
patches.suse/usb-typec-altmodes-displayport-fix-pin_assignment_sh.patch
(git-fixes CVE-2023-54186 bsc#1255985).
- Update
patches.suse/x86-kexec-Fix-double-free-of-elf-header-buffer.patch
(git-fixes CVE-2022-49546 bsc#1238750 CVE-2023-54146
bsc#1256091).
- Update
patches.suse/x86-xen-Fix-memory-leak-in-xen_init_lock_cpu.patch
(git-fixes CVE-2022-50761 bsc#1256062).
- Update
patches.suse/xfrm-also-call-xfrm_state_delete_tunnel-at-destroy-time-fo.patch
(CVE-2025-40215 bsc#1254959 CVE-2025-40256 bsc#1254851).
- commit f394de5
- Update
patches.suse/x86-srso-add-a-speculative-ras-overflow-mitigation.patch
(bsc#1213287, CVE-2023-20569, bsc#1256129, CVE-2022-50879).
- commit 63563aa
- dm cache: free background tracker's queued work in
btracker_destroy (CVE-2023-53765, bsc#1254912).
- commit b7e0246
- drm/amdgpu: Fix potential NULL dereference (bsc#1251238)
- commit d24edfc
- drm/amdgpu: Fix size validation for non-exclusive domains (v4) (CVE-2022-50527 bsc#1251738)
- commit 256fea7
- wifi: brcmfmac: fix invalid address access when enabling SCAN log level (CVE-2022-50678 bsc#1254902)
- commit 667f172
- mmc: core: Fix kernel panic when remove non-standard SDIO card (CVE-2022-50640 bsc#1254686)
Refresh patches/patches.suse/mmc-sdio-fix-possible-resource-leaks-in-some-error-p.patch for context.
- commit 86efd5b
- nfc: pn533: Clear nfc_target before being used (CVE-2022-50656 bsc#1254745)
- commit 7246feb
- ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd (CVE-2025-40275 bsc#1254829)
- commit 8d37c6b
- net: sched: act_ife: initialize struct tc_ife to fix KMSAN
kernel-infoleak (CVE-2025-40278 bsc#1254825).
- commit 51664e0
- team: Move team device type change at the end of team_port_add
(CVE-2025-68340 bsc#1255507).
- net: qlogic/qede: fix potential out-of-bounds read in
qede_tpa_cont() and qede_tpa_end() (CVE-2025-40252 bsc#1254849).
- net: stmmac: Correctly handle Rx checksum offload errors
(CVE-2025-40337 bsc#1255081).
- iavf: use internal state to free traffic IRQs (CVE-2023-53850
bsc#1254677).
- net/net_failover: fix txq exceeding warning (CVE-2023-54236
bsc#1255922).
- commit ab9819b
- Bluetooth: L2CAP: Fix potential user-after-free (CVE-2023-54214
bsc#1255954).
- commit 99d8a13
- wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write
backtrace (CVE-2023-54286 bsc#1255803).
- commit 119b74e
- ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()
(CVE-2023-53788 bsc#1254917).
- commit d36df4f
- media: mediatek: vcodec: Fix potential array out-of-bounds in
decoder queue_setup (CVE-2023-53748 bsc#1254907).
- commit 31217ab
- Revert "btrfs: tree-checker: Refactor root key check into separate function (bsc#1251748)"
This reverts commit b60efb96f6512618cec7832baf77ad7d368cfc95.
- commit e85541c
- Revert "btrfs: reject invalid reloc tree root keys with stack dump (CVE-2023-53618 bsc#1251748)"
This reverts commit 1015f12fd5cca42dd5f38e97a308eeefc26f2dc5.
- commit 6191ab1
- Refresh patches.suse/ipv6-use-RCU-in-ip6_xmit.patch (bsc#1255959)
- commit 73489ad
- wifi: ath9k: avoid referencing uninit memory in
ath9k_wmi_ctrl_rx (CVE-2023-54300 bsc#1255790).
- commit 2e30457
- fbdev: bitblit: bound-check glyph index in bit_putcs* (bsc#1255092 CVE-2025-40322)
- commit 66bfa5a
- wifi: ath10k: Delay the unmapping of the buffer (CVE-2022-50700
bsc#1255576).
- commit f2d1c9b
- kabi/severities: ignore kABI breakage in atheros WiFi
Extend kABI severity quirks to tot only ath9k but other atheros WiFi drivers
Those symbols are only used locally, hence not for 3rd parties
- commit 3e22274
- Bluetooth: bcsp: receive data only if registered (CVE-2025-40308
bsc#1255064).
- commit 68b7fd3
- ALSA: usb-audio: Fix potential overflow of PCM transfer buffer
(CVE-2025-40269 bsc#1255035).
- commit 3a18895
- wifi: brcmfmac: fix crash while sending Action Frames in
standalone AP Mode (CVE-2025-40321 bsc#1254795).
- commit 807acc6
- net: sched: act_connmark: initialize struct tc_ife to fix
kernel leak (CVE-2025-40279 bsc#1254846).
- commit dacd4a6
- fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (bsc#1255034 CVE-2025-40304)
- commit c06cf4e
- sctp: avoid NULL dereference when chunk data buffer is missing
(CVE-2025-40240 bsc#1254869).
- commit 65c4aba
- hfs: validate record offset in hfsplus_bmap_alloc
(CVE-2025-40349 bsc#1255280).
- commit f2d5c12
- hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat()
(CVE-2025-40351 bsc#1255281).
- commit 726272a
- ring-buffer: Do not swap cpu_buffer during resize process
(CVE-2023-53718 bsc#1252564).
- commit dde7681
- Move BPF kABI workarounds to the correct section
The kABI workaround for BPF backports are place at the end of
series.conf with the assumption that the "kABI consistency patches" is
at the end of series.conf. However that is not the case for SLE12-SP5.
Move them to under "kABI consistency patches".
- commit e8306c5
- Move kabi-fix-for-prevent-bpf-program-recursion-for-raw-tracepoint-probes.patch to patches.kabi
The kABI workaround was accidentally placed into patches.suse directly
by mistake, move it to the patches.kabi directory, where kABI workaround
should live.
- commit e2454a0
- kABI workaround for bpf: Enforce expected_attach_type for
tailcall compatibility (CVE-2025-40123 bsc#1253365).
- commit 15f8c57
- bpf: Enforce expected_attach_type for tailcall compatibility
(CVE-2025-40123 bsc#1253365).
- commit 0d4312e
- ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330
(bsc#1246370 CVE-2025-38336).
- commit bc71668
- hfsplus: fix KMSAN uninit-value issue in
__hfsplus_ext_cache_extent() (CVE-2025-40244 bsc#1255033).
- commit 4a719f8
- netfilter: nft_ct: add seqadj extension for natted connections
(CVE-2025-68206 bsc#1255142).
- commit ffc47ed
- sctp: Prevent TOCTOU out-of-bounds write (CVE-2025-40331
bsc#1254615).
- commit e87e362
- kabi: hide include of <net/lwtunnel.h> in include/net/ip.h
(CVE-2025-40074 bsc#1252794).
- commit 22c64b3
- net: use dst_dev_rcu() in sk_setup_caps() (CVE-2025-40170
bsc#1253413).
- ipv6: use RCU in ip6_output() (CVE-2025-40158 bsc#1253402).
- commit 38b553a
- ocfs2: clear extent cache after moving/defragmenting extents
(CVE-2025-40233 bsc#1254813).
- commit 5962377
- tls: Use __sk_dst_get() and dst_dev_rcu() in
get_netdev_for_sock() (CVE-2025-40149 bsc#1253355).
- commit 9e73f75
- smc: Use __sk_dst_get() and dst_dev_rcu() in
smc_clc_prfx_match() (CVE-2025-40168 bsc#1253427).
- commit 0dd4401
- smc: Use __sk_dst_get() and dst_dev_rcu() in in
smc_clc_prfx_set() (CVE-2025-40139 bsc#1253409).
- commit 7f84325
- smc: Fix use-after-free in __pnet_find_base_ndev()
(CVE-2025-40064 bsc#1252845).
- commit a90974f
- tcp_metrics: use dst_dev_net_rcu() (CVE-2025-40075 bsc#1252795).
- commit b2b82f1
- xfrm: also call xfrm_state_delete_tunnel at destroy time for
states that were never added (CVE-2025-40215 bsc#1254959).
- commit c6c59c0
- vsock: Ignore signal/timeout on connect() if already established
(CVE-2025-40248, bsc#1254864).
- commit 89f66e5
- xen/events: Return -EEXIST for bound VIRQs (CVE-2025-40160,
bsc#1253400).
- commit 1204669
- xen/events: Cleanup find_virq() return codes (CVE-2025-40160,
bsc#1253400).
- commit 41c00f2
- kabi: hide dst_entry::dev_rcu (CVE-2025-40074 bsc#1252794).
- ipv4: start using dst_dev_rcu() (CVE-2025-40074 bsc#1252794).
- ipv6: use RCU in ip6_xmit() (CVE-2025-40135 bsc#1253342).
- net: dst: introduce dst->dev_rcu (CVE-2025-40074 bsc#1252794).
- net: Add locking to protect skb->dev access in ip_output
(CVE-2025-40074 bsc#1252794).
- ipv6: ip6_mc_input() and ip6_mr_input() cleanups (CVE-2025-40074
bsc#1252794).
- ipv6: adopt skb_dst_dev() and skb_dst_dev_net[_rcu]() helpers
(CVE-2025-40074 bsc#1252794).
- ipv6: adopt dst_dev() helper (CVE-2025-40074 bsc#1252794).
- refresh patches.suse/net-ip6_tunnel-Prevent-perpetual-tunnel-growth.patch
- ipv4: adopt dst_dev, skb_dst_dev and skb_dst_dev_net[_rcu]
(CVE-2025-40074 bsc#1252794).
- net: dst: add four helpers to annotate data-races around
dst->dev (CVE-2025-40074 bsc#1252794).
- net: dst: annotate data-races around dst->output (CVE-2025-40074
bsc#1252794).
- net: dst: annotate data-races around dst->input (CVE-2025-40074
bsc#1252794).
- net: dst: annotate data-races around dst->lastuse
(CVE-2025-40074 bsc#1252794).
- net: dst: annotate data-races around dst->expires
(CVE-2025-40074 bsc#1252794).
- refresh patches.suse/ipv4-use-RCU-protection-in-__ip_rt_update_pmtu.patch
also use backport closer to mainline commit to make further backports easier
- net: dst: annotate data-races around dst->obsolete
(CVE-2025-40074 bsc#1252794).
- net: ipv4: ipmr: ipmr_queue_xmit(): Drop local variable `dev'
(CVE-2025-40074 bsc#1252794).
- tcp: convert to dev_net_rcu() (CVE-2025-40074 bsc#1252794).
- ndisc: ndisc_send_redirect() cleanup (CVE-2025-40074
bsc#1252794).
- ipv4: icmp: convert to dev_net_rcu() (CVE-2025-40074
bsc#1252794).
- net: dst_cache: annotate data-races around dst_cache->reset_ts
(CVE-2025-40074 bsc#1252794).
- ip: Fix data-races around sysctl_ip_fwd_use_pmtu (CVE-2022-49604 CVE-2025-40074
bsc#1238414 bsc#1252794).
- blacklist.conf: remove 60c158dc7b1f from blacklist
it was blacklisted as unneeded but now we need it as a prerequisity for
the CVE-2025-40074 / bsc#1252794 series
- refresh patches.suse/ipv4-use-RCU-protection-in-ip_dst_mtu_maybe_forward.patch
- ip: Fix data-races around sysctl_ip_default_ttl (CVE-2025-40074
bsc#1252794).
- refresh patches.suse/ipv4-add-RCU-protection-to-ip4_dst_hoplimit.patch
use backport closer to mainline version to make further backports easier
- ipv6: ip6_skb_dst_mtu() cleanups (CVE-2025-40074 bsc#1252794).
- net: ipv4: Consolidate ipv4_mtu and ip_dst_mtu_maybe_forward
(CVE-2025-40074 bsc#1252794).
- refresh patches.suse/ipv4-use-RCU-protection-in-ip_dst_mtu_maybe_forward.patch
- commit 7269666
- btrfs: reject invalid reloc tree root keys with stack dump (CVE-2023-53618 bsc#1251748)
- commit 1015f12
- btrfs: tree-checker: Refactor root key check into separate function (bsc#1251748)
Refresh patches.suse/btrfs-tree-checker-fix-false-alert-caused-by-legacy-.patch.
- commit b60efb9
- xfrm: delete x->tunnel as we delete x (CVE-2025-40215
bsc#1254959).
- commit 71c7413
- kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959
CVE-2025-40215).
- commit 59e6618
- smc: Fix use-after-free in tcp_write_timer_handler()
(CVE-2023-53781 bsc#1254751).
- commit bf67dae
- PCI/IOV: Add PCI rescan-remove locking when enabling/disabling
SR-IOV (CVE-2025-40219 bsc#1254518).
- serial: amba-pl011: avoid SBSA UART accessing DMACR register
(CVE-2022-50625 bsc#1254559).
- commit 4c61e27
- Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid
UAF (CVE-2025-40283 bsc#1254858).
- commit 4b3fb60
- smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256,
CVE-2025-38728).
- commit 9fb41f0
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431
CVE-2025-38085 bsc#1245499).
- commit f2cb81d
- HID: multitouch: Add NULL check in mt_input_configured (bsc#1250759)
- commit 9963a0f
- mm/hugetlb: fix folio is still mapped when deleted
(CVE-2025-40006 bsc#1252342).
- commit 79253cf
- mm: hugetlb: avoid soft lockup when mprotect to large memory
area (CVE-2025-40153 bsc#1253408).
- commit 174ebb8
- usbnet: Fix using smp_processor_id() in preemptible code
warnings (CVE-2025-40164 bsc#1253407).
- commit b10a5dd
- Disable CONFIG_CPU5_WDT
The cpu5wdt driver doesn't implement a proper watchdog interface and
has many code issues. It only handles obscure and obsolete hardware.
Stop building and supporting this driver (jsc#PED-14062).
- commit 12d0d02
- ext4: fix string copying in parse_apply_sb_mount_options()
(bsc#1253453 CVE-2025-40198).
- commit a350880
- ext4: detect invalid INLINE_DATA + EXTENTS flag combination
(bsc#1253458 CVE-2025-40167).
- commit 5b1fcbf
- ext4: avoid potential buffer over-read in
parse_apply_sb_mount_options() (bsc#1253453 CVE-2025-40198).
- commit f93c3a5
- net: dlink: handle copy_thresh allocation failure (CVE-2025-40053 bsc#1252808)
- commit 4dfabf1
- pid: Add a judgment for ns null in pid_nr_ns (CVE-2025-40178 bsc#1253463)
- commit 80993d6
- drm/vmwgfx: Fix a null-ptr access in the cursor snooper
(CVE-2025-40110 bsc#1253275).
- commit 78a9e64
- Squashfs: reject negative file sizes in squashfs_read_inode() (CVE-2025-40200 bsc#1253448)
- commit ce2cf29
- Squashfs: add additional inode sanity checking (bsc#1253448)
- commit dda3d33
- Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak (CVE-2025-40035 bsc#1252866)
- commit 27315ae
- perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (CVE-2025-40081 bsc#1252776)
- commit dc2cb58
- wifi: ath9k: hif_usb: fix memory leak of remain_skbs (CVE-2023-53641 bsc#1251728)
- commit cddd1eb
- thermal: intel_powerclamp: Use first online CPU as control_cpu (bsc#1251173)
- commit a5e3566
- thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash (CVE-2022-50494 bsc#1251173)
- commit 2222fc8
- drm/scheduler: signal scheduled fence when kill job (bsc#1247227 CVE-2025-38436)
- commit b828f36
- Update
patches.suse/tcp-Don-t-call-reqsk_fastopen_remove-in-tcp_conn_request.patch
(git-fixes CVE-2025-40186 bsc#1253438).
- commit f901ef4
- HID: multitouch: Correct devm device reference for hidinput input_dev name (CVE-2023-53454 bsc#1250759)
- commit 0db515e
- net: dcb: choose correct policy to parse DCB_ATTR_BCN (CVE-2023-53369 bsc#1250206)
- commit 358246e
- btrfs: avoid potential out-of-bounds in btrfs_encode_fh() (CVE-2025-40205 bsc#1253456)
- commit 22c9af2
- net/ip6_tunnel: Prevent perpetual tunnel growth (CVE-2025-40173
bsc#1253421).
- commit d8c4c44
- scsi: mvsas: Fix use-after-free bugs in mvs_work_queue
(CVE-2025-40001 bsc#1252303).
- commit bb0f1cb
- uio_hv_generic: Let userspace take care of interrupt mask (CVE-2025-40048 bsc#1252862).
- commit 76a0e50
- sctp: Fix MAC comparison to be constant-time (CVE-2025-40204
bsc#1253436).
- commit eccee08
- smb3: fix Open files on server counter going negative
(git-fixes).
- commit 15583ca
- cifs: return a single-use cfid if we did not get a lease
(bsc#1228688).
- commit c039524
- cifs: Check the lease context if we actually got a lease
(bsc#1228688).
- Refresh
patches.suse/cifs-fix-open-leaks-in-open_cached_dir.patch.
- Refresh
patches.suse/smb-client-fix-potential-OOBs-in-smb2_parse_contexts-.patch.
- commit 9351453
- kabi/severities: Update info about kvm_86_ops
- commit 69450ab
- net/sched: sch_qfq: Fix null-deref in agg_dequeue (CVE-2025-40083 bsc#1252912).
- commit 2a85e50
- KVM: x86: Give a hint when Win2016 might fail to boot due to XSAVES erratum (git-fixes).
- commit 4d19df5
- Refresh patches.suse/x86-CPU-AMD-Disable-XSAVES-on-AMD-family-0x17.patch.
XSAVE feature clearing should apply to ZEN1/2 and not to K6 CPUs.
- commit b258ad9
- blacklist.conf: Add imxfb commit
- Delete
patches.suse/0002-video-fbdev-imxfb-Fix-an-error-message.patch.
- Delete
patches.suse/0004-fbdev-imxfb-warn-about-invalid-left-right-margin.patch.
We don't build this driver.
- commit a556fb5
- net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a
inner curve (bsc#1220419).
- commit 6275dfe
- scsi: ses: Handle enclosure with just a primary component
gracefully (git-fixes CVE-2023-53431 bsc#1250374).
- commit 1585d41
- PCI: aardvark: Fix checking for MEM resource type (git-fixes).
- commit ee4989d
- Fix another type-mismatch issue in fbcon patches (bsc#1252033 CVE-2025-39967 bsc#1253237)
Fix another type mismatch in fbcon font handling:
* comparison of distinct pointer types lacks a cast [enabled by default] in ../drivers/video/console/fbcon.c in fbcon_set_font (from ../include/linux/overflow.h)
In file included from ../include/linux/vmalloc.h:10:0,
../drivers/video/console/fbcon.c: In function 'fbcon_set_font':
../include/linux/overflow.h:150:15: warning: comparison of distinct pointer types lacks a cast [enabled by default]
../include/linux/overflow.h:206:4: note: in expansion of macro '__signed_add_overflow'
../drivers/video/console/fbcon.c:2467:6: note: in expansion of macro 'check_add_overflow'
* comparison of distinct pointer types lacks a cast [enabled by default] in ../include/linux/overflow.h
../include/linux/overflow.h:151:15: warning: comparison of distinct pointer types lacks a cast [enabled by default]
../include/linux/overflow.h:206:4: note: in expansion of macro '__signed_add_overflow'
../drivers/video/console/fbcon.c:2467:6: note: in expansion of macro 'check_add_overflow'
* comparison of distinct pointer types lacks a cast [enabled by default] in ../include/linux/overflow.h
../include/linux/overflow.h:101:15: warning: comparison of distinct pointer types lacks a cast [enabled by default]
../include/linux/overflow.h:207:4: note: in expansion of macro '__unsigned_add_overflow'
../drivers/video/console/fbcon.c:2467:6: note: in expansion of macro 'check_add_overflow'
* comparison of distinct pointer types lacks a cast [enabled by default] in ../include/linux/overflow.h
../include/linux/overflow.h:102:15: warning: comparison of distinct pointer types lacks a cast [enabled by default]
../include/linux/overflow.h:207:4: note: in expansion of macro '__unsigned_add_overflow'
../drivers/video/console/fbcon.c:2467:6: note: in expansion of macro 'check_add_overflow'
- commit 3586116
- Refresh
patches.suse/KVM-nSVM-always-intercept-VMLOAD-VMSAVE-when-nested.
- Refresh
patches.suse/KVM-nSVM-avoid-picking-up-unsupported-bits-from-L2-i.
Add upstream commit ID and move to sorted section.
- commit 808b040
- dmaengine: bcm2835: Avoid GFP_KERNEL in device_prep_slave_sg
(bsc#1070872).
Rename, update with upstream description and reference, and move to the
sorted section.
- commit 3ac835f
- Move ocfs2 fixes to the sorted section
- commit c36ff63
- wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta (CVE-2023-53229 bsc#1249650)
- commit 6e55df1
- Restore fixes for fbcon_do_set_font() (bsc#1252033 CVE-2025-39967 bsc#1253237)
The backport from bsc#1252033 failed because check_mul_overflow()
did not handle differences in type signs. Restore the patches and
fix them to use unsigned types for all calculations. Input arguments
are unsigned anyway.
- commit 7a71d84
- wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() (CVE-2022-50551 bsc#1251322)
- commit 644642c
- r6040: Fix kmemleak in probe and remove (CVE-2022-50545 bsc#1251285)
- commit 506400a
- xfrm: Update ipcomp_scratches with NULL when freed
(CVE-2022-50569 bsc#1252640).
- commit 8b98d1b
- scsi: target: iscsi: Fix buffer overflow in
lio_target_nacl_info_show() (bsc#1251786 CVE-2023-53676).
- commit e9a3dc4
- Revert "fbcon: fix integer overflow in fbcon_do_set_font (bsc#1252033 CVE-2025-39967)"
This reverts commit ef5b27e0395e36f32d5881894b4deb2dc992343a.
- commit 541fc90
- Revert "fbcon: Fix OOB access in font allocation (bsc#1252033)"
This reverts commit d696663168f05fd9eb1b90bb1be489edf7001e6b.
- commit 3f75577
- Alt-commit updates
- Refresh
patches.suse/0001-drm-amdgpu-validate-the-parameters-of-bo-mapping-ope.patch.
- Refresh
patches.suse/0001-drm-i915-gem-Fix-Virtual-Memory-mapping-boundaries-c.patch.
- Refresh patches.suse/1394-drm-msm-fix-no_implicit-fencing-case.
- Refresh
patches.suse/Revert-drm-radeon-Fix-EEH-during-kexec.patch.
- commit 5d5cec6
- ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy (CVE-2023-53542 bsc#1251154)
- commit f3fb811
- drm/msm/dsi: fix memory corruption with too many bridges (CVE-2022-50368 bsc#1250009)
- commit 520589a
- pps: fix warning in pps_register_cdev when register device fail
(CVE-2025-40070 bsc#1252836).
- commit cb71ffd
- pinctrl: check the return value of
pinmux_ops::get_function_name() (CVE-2025-40030 bsc#1252773).
- commit b26cdf3
- ocfs2: fix double free in user_cluster_connect() (CVE-2025-40055 bsc#1252821)
- commit 832b986
- class: fix possible memory leak in __class_register()
(CVE-2022-50578 bsc#1252519).
- commit 4001512
- mm/ksm: fix flag-dropping behavior in ksm_madvise
(CVE-2025-40040 bsc#1252780).
- commit 6af1ea3
- net/9p: fix double req put in p9_fd_cancelled (CVE-2025-40027
bsc#1252763).
- commit 12bcbd0
- fs/smb: Fix inconsistent refcnt update (bsc#1250176,
CVE-2025-39819).
- commit 8b09411
- 9p/trans_fd: Fix concurrency del of req_list in
p9_fd_cancelled/p9_read_work (CVE-2025-40027 bsc#1252763).
- commit 2d2d005
- cifs: fix mid leak during reconnection after timeout threshold
(bsc#1251159, CVE-2023-53597).
- commit 29af9dd
- tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails
to allocate psock->cork (bsc#1250705).
- commit 5eef25f
- tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).
- skmsg: Return copied bytes in sk_msg_memcopy_from_iter
(bsc#1250650).
- commit 7274f26
- wifi: ath9k: Fix potential stack-out-of-bounds write in
ath9k_wmi_rsp_callback() (CVE-2023-53717 bsc#1252560).
- commit 469787a
- net: sched: cls_u32: Undo tcf_bind_filter if
u32_replace_hw_knode (CVE-2023-53733 bsc#1252685).
- commit 308a4a1
- blacklist.conf: CVE-2025-37928 bsc#1243621
- Delete patches.suse/dm-bufio-don-t-schedule-in-atomic-context.patch
- commit 2991827
- udf: Preserve link count of system files (bsc#1252539
CVE-2023-53695).
- commit c7818f7
- udf: Detect system inodes linked into directory hierarchy
(bsc#1252539 CVE-2023-53695).
- commit 9e1ad9a
- NFSD: Define a proc_layoutcommit for the FlexFiles layout type
(CVE-2025-40088 bsc#1252909).
- commit b682724
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
(CVE-2025-40082 bsc#1252775).
- commit 71ba5db
- hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp()
(CVE-2025-40088 bsc#1252904).
- commit 3401643
- kernel-subpackage-spec: Do not doubly-sign modules (bsc#1251930).
- commit 0f034b6
- bpf: Explicitly check accesses to bpf_sock_addr (CVE-2025-40078
bsc#1252789).
- commit 62aaf66
- Squashfs: fix uninit-value in squashfs_get_parent (bsc#1252822
CVE-2025-40049).
- commit acc9cea
- fs: udf: fix OOB read in lengthAllocDescs handling (bsc#1252785 CVE-2025-40044).
- commit 7dc17e9
- drm/amdkfd: Fix UBSAN shift-out-of-bounds warning (bsc#1250764 CVE-2021-4460)
- commit 033f866
- pnode: terminate at peers of source (CVE-2022-50280 bsc#1249806)
- commit 628cc9e
- crypto: af_alg - Set merge to zero early in af_alg_sendmsg (CVE-2025-39931 bsc#1251100).
- commit 904e401
- btrfs: call __btrfs_remove_free_space_cache_locked on cache load failure (CVE-2022-50571 bsc#1252487)
- commit 8e09358
- drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 (bsc#1252632 CVE-2023-53707)
- commit 73d1a0a
- Update
patches.suse/0086-dm-thin-Fix-UAF-in-run_timer_softirq.patch
(git-fixes CVE-2022-50563 bsc#1252480).
- Update patches.suse/hfs-fix-OOB-Read-in-__hfs_brec_find.patch
(git-fixes CVE-2022-50581 bsc#1252549).
- Update
patches.suse/md-raid1-fix-potential-OOB-in-raid1_remove_disk-8b04.patch
(git-fixes CVE-2023-53722 bsc#1252499).
- Update
patches.suse/s390-netiucv-Fix-return-type-of-netiucv_tx.patch
(git-fixes bsc#1212175 CVE-2022-50564 bsc#1252538).
- Update
patches.suse/scsi-qla2xxx-Fix-memory-leak-in-qla2x00_probe_one.patch
(git-fixes CVE-2023-53696 bsc#1252513).
- Update
patches.suse/scsi-ses-Fix-possible-addl_desc_ptr-out-of-bounds-accesses.patch
(git-fixes CVE-2023-7324 bsc#1252893).
- commit 6722787
- fbcon: Fix OOB access in font allocation (bsc#1252033)
- commit d696663
- fbcon: fix integer overflow in fbcon_do_set_font (bsc#1252033 CVE-2025-39967)
- commit ef5b27e
- kABI fix for net: vlan: fix VLAN 0 refcount imbalance of
toggling filtering during runtime (CVE-2025-38470 bsc#1247288).
- commit 589d82f
- i2c: mux: reg: check return value after calling platform_get_resource() (CVE-2022-50364 bsc#1250083)
- commit 2b2cffb
- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free
(CVE-2025-39997 bsc#1252056).
- commit a51d8e6
- iommu/amd: Fix pci device refcount leak in ppr_notifier() (CVE-2022-50505 bsc#1251086)
- commit 8687154
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (CVE-2025-39772 bsc#1249506)
- commit d8e1da7
- ipvs: Defer ip_vs_ftp unregister during netns cleanup
(CVE-2025-40018 bsc#1252688).
- commit 69275ca
- ext4: fix bug in extents parsing when eh_entries == 0 and
eh_depth > 0 (bsc#1223475 CVE-2022-48631).
- commit 70236d6
- tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request()
(git-fixes).
- commit 757a6b5
- tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()
(CVE-2025-39955 bsc#1251804).
- ipv6: Fix out-of-bounds access in ipv6_find_tlv()
(CVE-2023-53705 bsc#1252554).
- commit 171d7f3
- Revert "e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898"
This reverts commit 2836e8d8d652cc9b552b6399525f14e15353483b.
- commit 0a9731b
- Revert "Refresh"
This reverts commit 9531965fe99a2d5cc7f092699c30780cd95fe9e3.
- Revert "Refresh"
This reverts commit bbde1b2cc3e31ca5dab4e71e08f50d277c0dcf13.
- commit 1af8647
- md: fix soft lockup in status_resync (bsc1251318,
CVE-2023-53620).
- commit 8f3ae24
- i40e: add max boundary check for VF filters (CVE-2025-39968
bsc#1252047).
- i40e: fix idx validation in i40e_validate_queue_map
(CVE-2025-39972 bsc#1252039).
- i40e: add validation for ring_len param (CVE-2025-39973
bsc#1252035).
- qed: Don't collect too many protection override GRC elements
(CVE-2025-39949 bsc#1251177).
- commit bc08ffd
- lib: cpu_rmap: Fix potential use-after-free in
irq_cpu_rmap_release() (CVE-2023-53484 bsc#1250895).
- commit d30b615
- lib: cpu_rmap: Avoid use after free on rmap->obj array entries
(CVE-2023-53484 bsc#1250895).
- commit 3aa6f20
- wifi: cfg80211: reject auth/assoc to AP with our address
(CVE-2023-53540 bsc#1251053).
- commit ee3b008
- wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
(CVE-2023-53715 bsc#1252545).
- commit 9b29c92
- i40e: fix idx validation in config queues msg (CVE-2025-39971 bsc#1252052)
- commit c33db33
- i40e: Add bounds check for ch[] array (CVE-2025-39971 bsc#1252052)
- commit bf307ec
- i40e: fix input validation logic for action_meta (CVE-2025-39970 bsc#1252051)
- commit 4e82f01
- i40e: Fix filter input checks to prevent config with invalid values (CVE-2025-39970 bsc#1252051)
- commit 57297d8
- net: sched: sfb: fix null pointer access issue when sfb_init()
fails (CVE-2022-50356 bsc#1250040).
- commit 882fd64
- tty: serial: samsung_tty: Fix a memory leak in
s3c24xx_serial_getclk() when iterating clk (CVE-2023-53687
bsc#1251772).
- commit 653cf6a
- cifs: Release folio lock on fscache read hit (CVE-2023-53593 bsc#1251132)
- commit 6362ac3
- dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (CVE-2025-39923 bsc#1250741)
- commit fbf8fb9
- net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (CVE-2025-39876 bsc#1250400)
- commit bd6ed1f
- net: hv_netvsc: fix loss of early receive events from host during channel open (bsc#1252265).
- commit e2ece38
- netfilter: conntrack: fix wrong ct->timeout value
(CVE-2023-53635 bsc#1251524).
- commit cb2dbc3
- scsi: iscsi_tcp: Check that sock is valid before
iscsi_set_param() (git-fixes).
- commit f85971b
- Refresh
patches.suse/e1000e-fix-heap-overflow-in-e1000_set_eeprom.patch.
Let check_add_overflow perform its intended duty.
- commit bbde1b2
- smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path (CVE-2025-39929 bsc#1251036)
- commit 33a9326
- i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (CVE-2025-39911 bsc#1250704)
- commit 18ff544
- sctp: initialize more fields in sctp_v6_from_sk() (CVE-2025-39812 bsc#1250202)
- commit 262d224
- integrity: Fix memory leakage in keyring allocation error path (CVE-2022-50395 bsc#1250211)
- commit 89f3524
- memory: of: Fix refcount leak bug in of_get_ddr_timings() (CVE-2022-50249 bsc#1249747)
- commit a04f0d4
- openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1249854)
- commit 5c8a374
- net: openvswitch: fix race on port output (CVE-2023-53188 bsc#1249854)
- commit 02a1cae
- ipv6: sr: Fix MAC comparison to be constant-time (CVE-2025-39702 bsc#1249317)
- commit 6728b5c
- sctp: linearize cloned gso packets in sctp_rcv (CVE-2025-38718 bsc#1249161)
- commit 084aea4
- serial: 8250: fix panic due to PSLVERR (CVE-2025-39724 bsc#1249265)
- commit 9d4bd1b
- scsi: qla4xxx: Prevent a potential error pointer dereference (CVE-2025-39676 bsc#1249302)
- commit a7b1238
- media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (CVE-2025-38680 bsc#1249203)
- commit c6c8afe
- scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling
getpeername() (CVE-2022-50459 bsc#1250850).
- commit 3807688
- blk-mq: fix NULL dereference on q->elevator in
blk_mq_elv_switch_none (CVE-2023-53292 bsc#1250163).
- blk-mq: protect q->elevator by ->sysfs_lock in
blk_mq_elv_switch_none (CVE-2023-53292 bsc#1250163).
- commit f60e1b9
- netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
(CVE-2023-53619 bsc#1251743).
- commit d9a3ca9
- NFSv4.1: fix backchannel max_resp_sz verification check
(bsc#1247518).
- commit 4f042cf
- doc/README.SUSE: Correct the character used for TAINT_NO_SUPPORT
The character was previously 'N', but upstream used it for TAINT_TEST,
which prompted the change of TAINT_NO_SUPPORT to 'n'. This occurred in
commit c35dc3823d08 ("Update to 6.0-rc1") on master and in d016c04d731d
("Bump to 6.4 kernel (jsc#PED-4593)") for SLE15-SP6 (and onwards).
Update the documentation to reflect this change.
- commit f42ecf5
- ALSA: ac97: Fix possible error value of *rac97 (CVE-2023-53648
bsc#1251750).
- ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
(CVE-2023-53648 bsc#1251750).
- commit 3add5a8
- tipc: add tipc_bearer_min_mtu to calculate min mtu
(CVE-2023-53517 bsc1250919).
- commit af0b7c0
- tipc: do not update mtu if msg_max is too small in mtu
negotiation (CVE-2023-53517 bsc#1250919).
- commit 246819a
- btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range (CVE-2022-50293 bsc#1249752)
- commit 674444e
- btrfs: exit gracefully if reloc roots don't match (CVE-2023-53183 bsc#1249863)
- commit 5aefca3
- btrfs: fix BUG_ON condition in btrfs_cancel_balance (CVE-2023-53339 bsc#1250329)
- commit e64f98a
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
(bsc#1249260 CVE-2025-38714).
- commit d550dcb
- nfsd: handle get_client_locked() failure in
nfsd4_setclientid_confirm() (bsc#1249169 CVE-2025-38724).
- commit 7ce8b22
- net/sched: sch_fq: fix integer overflow of "credit"
(CVE-2023-53624 bsc#1251333).
- commit 4033336
- pNFS: Fix uninited ptr deref in block/scsi layout (bsc#1249215
CVE-2025-38691).
- commit b3165ea
- Update
patches.suse/0003-fbdev-omapfb-lcd_mipid-Fix-an-error-handling-path-in.patch
(bsc#1154048 CVE-2023-53650 bsc#1251283).
- Update patches.suse/0087-dm-cache-Fix-UAF-in-destroy.patch
(git-fixes CVE-2022-50496 bsc#1251091).
- Update
patches.suse/0088-dm-thin-Fix-ABBA-deadlock-between-shrink_slab-and-dm_pool_abort_metadata.patch
(git-fixes CVE-2022-50549 bsc#1251550).
- Update
patches.suse/0092-dm-thin-Use-last-transaction-s-pmd-root-when-commit-failed.patch
(git-fixes CVE-2022-50534 bsc#1251292).
- Update
patches.suse/Input-raspberrypi-ts-fix-refcount-leak-in-rpi_ts_pro.patch
(git-fixes CVE-2023-53533 bsc#1251080).
- Update
patches.suse/NFSD-Protect-against-send-buffer-overflow-in-NFSv3-Rdir.patch
(bsc#1205128 CVE-2022-43945 bsc#1210124 CVE-2022-50487
bsc#1251208).
- Update
patches.suse/bcache-Fix-__bch_btree_node_alloc-to-make-the-failur-80fc.patch
(git-fixes CVE-2023-53681 bsc#1251769).
- Update
patches.suse/bpf-sockmap-Fix-repeated-calls-to-sock_put-when-msg-.patch
(bsc#1235485 CVE-2024-56633 CVE-2022-50536 bsc#1251293).
- Update
patches.suse/btrfs-output-extra-debug-info-if-we-failed-to-find-a.patch
(bsc#1215136 CVE-2023-53672 bsc#1251780).
- Update
patches.suse/dm-integrity-call-kmem_cache_destroy-in-dm_integrity-6b79.patch
(git-fixes CVE-2023-53604 bsc#1251210).
- Update
patches.suse/firmware-raspberrypi-fix-possible-memory-leak-in-rpi.patch
(git-fixes CVE-2022-50537 bsc#1251294).
- Update
patches.suse/fs-hfsplus-remove-WARN_ON-from-hfsplus_cat_-read-write-_inode.patch
(git-fixes CVE-2023-53683 bsc#1251329).
- Update
patches.suse/gfs2-Fix-possible-data-races-in-gfs2_show_options.patch
(git-fixes CVE-2023-53622 bsc#1251777).
- Update
patches.suse/ipmi-Cleanup-oops-on-initialization-failure.patch
(FATE#326156 CVE-2023-53611 bsc#1251123).
- Update
patches.suse/media-coda-Add-check-for-dcoda_iram_alloc.patch
(git-fixes CVE-2022-50501 bsc#1251099).
- Update patches.suse/media-coda-Add-check-for-kmalloc.patch
(git-fixes CVE-2022-50509 bsc#1251522).
- Update patches.suse/media-radio-shark-Add-endpoint-checks.patch
(git-fixes CVE-2023-53644 bsc#1251736).
- Update
patches.suse/msft-hv-2870-Drivers-hv-vmbus-Don-t-dereference-ACPI-root-object-.patch
(git-fixes CVE-2023-53647 bsc#1251732).
- Update
patches.suse/net-cdc_ncm-Deal-with-too-low-values-of-dwNtbOutMaxS.patch
(git-fixes CVE-2023-53667 bsc#1251761).
- Update
patches.suse/ocfs2-fix-defrag-path-triggering-jbd2-ASSERT.patch
(git-fixes CVE-2023-53564 bsc#1251072).
- Update
patches.suse/powerpc-rtas-avoid-scheduling-in-rtas_os_term.patch
(bsc#1065729 CVE-2022-50504 bsc#1251182).
- Update
patches.suse/ring-buffer-Fix-deadloop-issue-on-reading-trace_pipe.patch
(git-fixes CVE-2023-53668 bsc#1251286).
- Update
patches.suse/ring-buffer-Sync-IRQ-works-before-buffer-destruction.patch
(git-fixes CVE-2023-53587 bsc#1251128).
- Update
patches.suse/s390-zcrypt-don-t-leak-memory-if-dev_set_name-fails.patch
(git-fixes bsc#1215152 CVE-2023-53568 bsc#1251035).
- Update
patches.suse/scsi-mpt3sas-Fix-possible-resource-leaks-in-mpt3sas_transport_port_add.patch
(git-fixes CVE-2022-50532 bsc#1251300).
- Update
patches.suse/scsi-qla2xxx-Avoid-fcport-pointer-dereference.patch
(bsc#1213747 CVE-2023-53603 bsc#1251180).
- Update
patches.suse/scsi-qla2xxx-Fix-crash-when-I-O-abort-times-out.patch
(jsc#PED-568 CVE-2022-50493 bsc#1251088).
- Update
patches.suse/scsi-qla2xxx-Fix-deletion-race-condition.patch
(bsc#1213747 CVE-2023-53615 bsc#1251113).
- Update
patches.suse/scsi-ses-Fix-possible-desc_ptr-out-of-bounds-accesses.patch
(git-fixes CVE-2023-53675 bsc#1251325).
- Update
patches.suse/usb-host-xhci-Fix-potential-memory-leak-in-xhci_allo.patch
(git-fixes CVE-2022-50544 bsc#1251725).
- Update
patches.suse/xhci-Remove-device-endpoints-from-bandwidth-list-whe.patch
(git-fixes CVE-2022-50470 bsc#1251202).
- commit a902bff
- fs: fix UAF/GPF bug in nilfs_mdt_destroy (CVE-2022-50367 bsc#1250277)
- commit d8f49e5
- cnic: Fix use-after-free bugs in cnic_delete_task
(CVE-2025-39945 bsc#1251230).
- iavf: Fix use-after-free in free_netdev (CVE-2023-53556
bsc#1251059).
- commit afb4745
- wifi: iwlwifi: mvm: don't trust firmware n_channels
(CVE-2023-53589 bsc#1251129).
- commit 988e8e2
- driver core: fix resource leak in device_add() (CVE-2023-53594
bsc#1251166).
- commit 5614ed9
- wifi: brcmfmac: ensure CLM version is null-terminated to
prevent stack-out-of-bounds (CVE-2023-53582 bsc#1251061).
- commit fad0717
- tracing: Add down_write(trace_event_sem) when adding trace event
(bsc#1248211 CVE-2025-38539).
- commit e8323f2
- ftrace: Also allocate and copy hash for reading of filter files
(bsc#1250032 CVE-2025-39813).
- commit fc74b08
- ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode
(bsc#1251197 CVE-2022-50485).
- commit e7befdc
- fs: writeback: fix use-after-free in __mark_inode_dirty()
(bsc#1250455 CVE-2025-39866).
- commit 71bbea8
- fs: Prevent file descriptor table allocations exceeding INT_MAX
(bsc#1249512 CVE-2025-39756).
- commit a3d8b0c
- ftrace: Fix potential warning in trace_printk_seq during
ftrace_dump (bsc#1250032 CVE-2025-39813).
- commit 4308207
- trace/fgraph: Fix the warning caused by missing unregister
notifier (bsc#1248211 CVE-2025-38539).
- commit 44bb2c8
- ipv6: Add lwtunnel encap size of all siblings in nexthop
calculation (CVE-2023-53477 bsc#1250840).
- commit 9c1503d
- drivers: base: Free devm resources when unregistering a device
(CVE-2023-53596 bsc#1251161).
- commit b016181
- media: v4l2-mem2mem: add lock to protect parameter num_rdy
(CVE-2023-53519 bsc#1250964).
- commit d68a51f
- ip_vti: fix potential slab-use-after-free in decode_session6
(CVE-2023-53559 bsc#1251052).
- commit 688b608
- Refresh
patches.suse/e1000e-fix-heap-overflow-in-e1000_set_eeprom.patch.
- commit 9531965
- ACPICA: Fix use-after-free in
acpi_ut_copy_ipackage_to_ipackage() (CVE-2022-50423
bsc#1250784).
- commit e5308a6
- scsi: lpfc: Fix buffer free/clear order in deferred receive path
(CVE-2025-39841 bsc#1250274).
- scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory
is allocated (CVE-2025-38700 bsc#1249182).
- scsi: bfa: Double-free fix (CVE-2025-38699 bsc#1249224).
- scsi: lpfc: Fix use-after-free KFENCE violation during sysfs
firmware write (CVE-2023-53282 bsc#1250311).
- scsi: target: iscsi: Fix a race condition between login_work
and the login thread (CVE-2022-50350 bsc#1250261).
- commit 204e345
- net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
(CVE-2023-53548 bsc#1251066).
- blacklist.conf: CVE unknown at the time
- commit 7beb085
- drm/rockchip: lvds: fix PM usage counter unbalance in poweron (bsc#1250768 CVE-2022-50443)
- commit b56de15
- fs: dlm: fix invalid derefence of sb_lvbptr (bsc#1251741
CVE-2022-50516).
- commit 09e6897
- af_unix: Fix data-races around user->unix_inflight
(CVE-2023-53204 bsc#1249682).
- commit 77897d4
- media: si470x: Fix use-after-free in si470x_int_in_callback()
(CVE-2022-50542 bsc#1251330).
- commit 29b7473
- ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value (CVE-2022-50327 bsc#1249859)
- commit 18b9822
- scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport
structure (CVE-2025-38695 bsc#1249285).
- commit a538909
- cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter()
(CVE-2022-50481 bsc#1251051).
- commit e12557d
- lwt: Fix return values of BPF xmit ops (bsc#1250074
CVE-2023-53338).
- commit 6dcc27e
- i2c: ismt: Fix an out-of-bounds bug in ismt_access() (CVE-2022-50394 bsc#1250107)
- commit 473df14
- wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes (CVE-2023-53185 bsc#1249820)
- commit ee941e7
- irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains (CVE-2023-53191 bsc#1249721)
- commit 3a22168
- ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume() (CVE-2023-53271 bsc#1249916)
- commit 0c5e1f7
- media: bdisp: Add missing check for create_workqueue (CVE-2023-53289 bsc#1249941)
- commit a94aab1
- crypto: seqiv - Handle EBUSY correctly (CVE-2023-53373 bsc#1250137)
- commit dd42b1d
- iommu/mediatek: Fix crash on isr after kexec() (CVE-2022-50236
bsc#1249702).
- commit 97b644f
- iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry() (CVE-2023-53476 bsc#1250839)
- commit 04895ff
- e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898
bsc#1250742).
- net: add vlan_get_protocol_and_depth() helper (CVE-2023-53433
bsc#1250164).
- commit 2836e8d
- python36
-
- Add CVE-2025-13836-http-resp-cont-len.patch (bsc#1254400,
CVE-2025-13836) to prevent reading an HTTP response from
a server, if no read amount is specified, with using
Content-Length per default as the length.
- Add CVE-2025-12084-minidom-quad-search.patch prevent quadratic
behavior in node ID cache clearing (CVE-2025-12084,
bsc#1254997).
- Add CVE-2025-13837-plistlib-mailicious-length.patch protect
against OOM when loading malicious content (CVE-2025-13837,
bsc#1254401).
- Add CVE-2025-6075-expandvars-perf-degrad.patch avoid simple
quadratic complexity vulnerabilities of os.path.expandvars()
(CVE-2025-6075, bsc#1252974).
- Skip test_curses on ppc64le (gh#python/cpython#141534)
- Add CVE-2025-8291-consistency-zip64.patch which checks
consistency of the zip64 end of central directory record, and
preventing obfuscation of the payload, i.e., you scanning for
malicious content in a ZIP file with one ZIP parser (let's say
a Rust one) then unpack it in production with another (e.g.,
the Python one) and get malicious content that the other parser
did not see (CVE-2025-8291, bsc#1251305)
- Readjust patches while synchronizing between openSUSE and SLE trees:
- F00251-change-user-install-location.patch
- doc-py38-to-py36.patch
- gh126985-mv-pyvenv.cfg2getpath.patch