- freetype2
-
- Added patch:
* CVE-2025-23022.patch
+ fixes bsc#1235670, CVE-2025-23022: signed integer overflow in
cf2_doFlex in cff/cf2intrp.c
+ also fixes an overflow in cf2_hintmap_insertHint in
src/cff/cf2hints.c
+ it is a backport of upstream commits e66d7300 and 3802ca8b
- kbd
-
- Don't search for resources in the current directory. It can cause
unwanted side effects or even an infinite loop (bsc#1237230,
kbd-ignore-working-directory-1.patch,
kbd-ignore-working-directory-2.patch,
kbd-ignore-working-directory-3.patch).
- perl
-
- do not change the current directory when cloning an open
directory handle [bnc#1244079] [CVE-2025-40909]
new patch: perl-dirdup.diff
- python-requests
-
- Add CVE-2024-47081.patch upstream patch, fixes netrc credential leak
(gh#psf/requests#6965, CVE-2024-47081, bsc#1244039)
- pciutils
-
- Apply "fix-lack-of-exposure-of-pci_init-for-libpci_3.2.patch" to
fix the biosdevname utility, which was broken by an update to
pciutils 3.5.x because the newer version forgot to export
pci_init() for library version LIBPCI_3.2. [bsc#1241994]
- Update to pciutils 3.5.6 from SLE-15 [jsc#PED-4587].
The following patches are obsolete in the newer version:
* add-decoding-of-vendor-specific-vpd-fields.patch
* pciutils-3.1.7-fix-memory-leak-in-get_cache_name.patch
* pciutils-3.5.1-add-support-for-32-bit-pci-domains.patch
* pciutils-lspci-Correct-Root-Capabilities-CRS-Software-Visibil.patch
* show-gen4-speed-properly.patch
- Add "pciutils-Add-PCIe-5.0-data-rate-32-GT-s-support.patch" and
"pciutils-Add-PCIe-6.0-data-rate-64-GT-s-support.patch" to fix
LnkCap speed recognition in lspci for multi PCIe ports such as
the ML110 Gen11. [bsc#1192862]
- Fix lspci output where a few of the VPD data fields are displayed as unknown (bsc#1170554, ltc#185587).
Added:
* pciutils-VPD-When-printing-item-IDs-escape-non-ASCII-characte.patch
* pciutils-VPD-Cleanup.patch
* pciutils-Add-decoding-of-vendor-specific-VPD-fields.patch
- rsync
-
- Fix bsc#1239649 - rsync bwlimit=0 option was broken by CVE-2024-12088 fix.
* Add rsync-fix-bwlimit.patch
* bwlimit=0 specifies no limit properly now.
- python-setuptools
-
- Add patch CVE-2025-47273.patch to fix a path traversal
vulnerability.
(bsc#1243313, CVE-2025-47273, gh#pypa/setuptools@250a6d17978f)
- google-guest-agent
-
- Update to version 20250506.01 (bsc#1243254, bsc#1243505)
* Make sure agent added connections are activated by NM (#534)
- from version 20250506.00
* wrap NSS cache refresh in a goroutine (#533)
- from version 20250502.01
* Wicked: Only reload interfaces for which configurations are written or changed. (#524)
- from version 20250502.00
* Add AuthorizedKeysCompat to windows packaging (#530)
* Remove error messages from gce_workload_cert_refresh and metadata script runner (#527)
* Update guest-logging-go dependency (#526)
* Add 'created-by' metadata, and pass it as option to logging library (#508)
* Revert "oslogin: Correctly handle newlines at the end of modified files (#520)" (#523)
* Re-enable disabled services if the core plugin was enabled (#522)
* Enable guest services on package upgrade (#519)
* oslogin: Correctly handle newlines at the end of modified files (#520)
* Fix core plugin path (#518)
* Fix package build issues (#517)
* Fix dependencies ran go mod tidy -v (#515)
* Fix debian build path (#514)
* Bundle compat metadata script runner binary in package (#513)
* Bump golang.org/x/net from 0.27.0 to 0.36.0 (#512)
* Update startup/shutdown services to launch compat manager (#503)
* Bundle new gce metadata script runner binary in agent package (#502)
* Revert "Revert bundling new binaries in the package (#509)" (#511)
- from version 20250418.00
* Re-enable disabled services if the core plugin was enabled (#521)
- from version 20250414.00
* Add AuthorizedKeysCompat to windows packaging (#530)
* Remove error messages from gce_workload_cert_refresh and metadata script runner (#527)
* Update guest-logging-go dependency (#526)
* Add 'created-by' metadata, and pass it as option to logging library (#508)
* Revert "oslogin: Correctly handle newlines at the end of modified files (#520)" (#523)
* Re-enable disabled services if the core plugin was enabled (#522)
* Enable guest services on package upgrade (#519)
* oslogin: Correctly handle newlines at the end of modified files (#520)
* Fix core plugin path (#518)
* Fix package build issues (#517)
* Fix dependencies ran go mod tidy -v (#515)
* Fix debian build path (#514)
* Bundle compat metadata script runner binary in package (#513)
* Bump golang.org/x/net from 0.27.0 to 0.36.0 (#512)
* Update startup/shutdown services to launch compat manager (#503)
* Bundle new gce metadata script runner binary in agent package (#502)
* Revert "Revert bundling new binaries in the package (#509)" (#511)
- Update to version 20250327.01 (bsc#1239763, bsc#1239866)
* Remove error messages from gce_workload_cert_refresh and
metadata script runner (#527)
- from version 20250327.00
* Update guest-logging-go dependency (#526)
* Add 'created-by' metadata, and pass it as option to logging library (#508)
* Revert "oslogin: Correctly handle newlines at the end of
modified files (#520)" (#523)
* Re-enable disabled services if the core plugin was enabled (#522)
* Enable guest services on package upgrade (#519)
* oslogin: Correctly handle newlines at the end of modified files (#520)
* Fix core plugin path (#518)
* Fix package build issues (#517)
* Fix dependencies ran go mod tidy -v (#515)
* Fix debian build path (#514)
* Bundle compat metadata script runner binary in package (#513)
* Bump golang.org/x/net from 0.27.0 to 0.36.0 (#512)
* Update startup/shutdown services to launch compat manager (#503)
* Bundle new gce metadata script runner binary in agent package (#502)
* Revert "Revert bundling new binaries in the package (#509)" (#511)
- from version 20250326.00
* Re-enable disabled services if the core plugin was enabled (#521)
- from version 20250324.00
* Enable guest services on package upgrade (#519)
* oslogin: Correctly handle newlines at the end of modified files (#520)
* Fix core plugin path (#518)
* Fix package build issues (#517)
* Fix dependencies ran go mod tidy -v (#515)
* Fix debian build path (#514)
* Bundle compat metadata script runner binary in package (#513)
* Bump golang.org/x/net from 0.27.0 to 0.36.0 (#512)
* Update startup/shutdown services to launch compat manager (#503)
* Bundle new gce metadata script runner binary in agent package (#502)
* Revert "Revert bundling new binaries in the package (#509)" (#511)
* Revert bundling new binaries in the package (#509)
* Fix typo in windows build script (#501)
* Include core plugin binary for all packages (#500)
* Update crypto library to fix CVE-2024-45337 (#499)
* Start packaging compat manager (#498)
* Start bundling ggactl_plugin_cleanup binary in all agent packages (#492)
* scripts: introduce a wrapper to locally build deb package (#490)
* Introduce compat-manager systemd unit (#497)
- from version 20250317.00
* Revert "Revert bundling new binaries in the package (#509)" (#511)
* Revert bundling new binaries in the package (#509)
* Fix typo in windows build script (#501)
* Include core plugin binary for all packages (#500)
* Update crypto library to fix CVE-2024-45337 (#499)
* Start packaging compat manager (#498)
* Start bundling ggactl_plugin_cleanup binary in all agent packages (#492)
* scripts: introduce a wrapper to locally build deb package (#490)
* Introduce compat-manager systemd unit (#497)
- from version 20250312.00
* Revert bundling new binaries in the package (#509)
* Fix typo in windows build script (#501)
* Include core plugin binary for all packages (#500)
* Update crypto library to fix CVE-2024-45337 (#499)
* Start packaging compat manager (#498)
* Start bundling ggactl_plugin_cleanup binary in all agent packages (#492)
* scripts: introduce a wrapper to locally build deb package (#490)
* Introduce compat-manager systemd unit (#497)
- from version 20250305.00
* Revert bundling new binaries in the package (#509)
* Fix typo in windows build script (#501)
* Include core plugin binary for all packages (#500)
* Update crypto library to fix CVE-2024-45337 (#499)
* Start packaging compat manager (#498)
* Start bundling ggactl_plugin_cleanup binary in all agent packages (#492)
* scripts: introduce a wrapper to locally build deb package (#490)
* Introduce compat-manager systemd unit (#497)
- from version 20250304.01
* Fix typo in windows build script (#501)
- from version 20250214.01
* Include core plugin binary for all packages (#500)
- from version 20250214.00
* Update crypto library to fix CVE-2024-45337 (#499)
- from version 20250212.00
* Start packaging compat manager (#498)
* Start bundling ggactl_plugin_cleanup binary in all agent packages (#492)
- from version 20250211.00
* scripts: introduce a wrapper to locally build deb package (#490)
* Introduce compat-manager systemd unit (#497)
- from version 20250207.00
* vlan: toggle vlan configuration in debian packaging (#495)
* vlan: move config out of unstable section (#494)
* Add clarification to comments regarding invalid NICs and the
`invalid` tag. (#493)
* Include interfaces in lists even if it has an invalid MAC. (#489)
* Fix windows package build failures (#491)
* vlan: don't index based on the vlan ID (#486)
* Revert PR #482 (#488)
* Remove Amy and Zach from OWNERS (#487)
* Skip interfaces in interfaceNames() instead of erroring if there is an (#482)
* Fix Debian packaging if guest agent manager is not checked out (#485)
- from version 20250204.02
* force concourse to move version forward.
- from version 20250204.01
* vlan: toggle vlan configuration in debian packaging (#495)
- from version 20250204.00
* vlan: move config out of unstable section (#494)
* Add clarification to comments regarding invalid NICs and the
`invalid` tag. (#493)
- from version 20250203.01
* Include interfaces in lists even if it has an invalid MAC. (#489)
- from version 20250203.00
* Fix windows package build failures (#491)
* vlan: don't index based on the vlan ID (#486)
* Revert PR #482 (#488)
* Remove Amy and Zach from OWNERS (#487)
* Skip interfaces in interfaceNames() instead of erroring if there is an (#482)
* Fix Debian packaging if guest agent manager is not checked out (#485)
- from version 20250122.00
* networkd(vlan): remove the interface in addition to config (#468)
* Implement support for vlan dynamic removal, update dhclient to
remove only if configured (#465)
* Update logging library (#479)
* Remove Pat from owners file. (#478)
- libxml2
-
- security update
- added patches
CVE-2025-32414 [bsc#1241551], out-of-bounds read when parsing text via the Python API
+ libxml2-CVE-2025-32414.patch
CVE-2025-32415 [bsc#1241453], a crafted XML document may lead to a heap-based buffer under-read
+ libxml2-CVE-2025-32415.patch
- kernel-default
-
- x86/bugs: Fix BHI retpoline check (git-fixes).
- commit 67aed4a
- x86/bugs: Fix BHI handling of RRSBA (git-fixes).
- Refresh
patches.suse/x86-bhi-do-not-set-BHI_DIS_S-in-32-bit-mode.patch.
- commit dab1e97
- x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes).
- commit 01a0a7a
- x86/bugs: Fix return type of spectre_bhi_state() (git-fixes).
- commit 198eac5
- btrfs: don't BUG_ON() when 0 reference count at
btrfs_lookup_extent_info() (bsc#1230786 CVE-2024-46751).
- commit ed57497
- Refresh patches.suse/x86-bhi-Add-BHI-mitigation-knob.patch.
Fix a couple of issues with this backport, namely:
1. Wrong upstream commit id used
2. Missing hunk dealing with RETPOLINE being enabled on RRSBA CPUs, thus
obviating the need to have BHI mitigation explicitly enabled.
- commit daaf354
- Update
patches.suse/0084-dm-ioctl-fix-misbehavior-if-list_versions-races-with-module-loading.patch
(git-fixes CVE-2022-49771 bsc#1242686).
- Update
patches.suse/Bluetooth-L2CAP-Fix-use-after-free-caused-by-l2cap_r.patch
(CVE-2022-3564 bsc#1206073 CVE-2022-49910 bsc#1242452).
- Update
patches.suse/Bluetooth-L2CAP-fix-use-after-free-in-l2cap_conn_del.patch
(CVE-2025-21969 bsc#1240784 CVE-2022-49909 bsc#1242453).
- Update
patches.suse/Bluetooth-btsdio-fix-use-after-free-bug-in-btsdio_re.patch
(CVE-2023-1989 bsc#1210336 CVE-2023-53145 bsc#1243047).
- Update patches.suse/SUNRPC-Fix-a-server-shutdown-leak.patch
(git-fixes CVE-2023-53131 bsc#1242377).
- Update
patches.suse/arm64-bpf-Add-BHB-mitigation-to-the-epilogue-for-cBP.patch
(bsc#1242778 CVE-2025-37948 bsc#1243649).
- Update
patches.suse/arm64-bpf-Only-mitigate-cBPF-programs-loaded-by-unpr.patch
(bsc#1242778 CVE-2025-37963 bsc#1243660).
- Update
patches.suse/bpf-sockmap-Fix-the-sk-sk_forward_alloc-warning-of-s.patch
(bsc#1235485 CVE-2024-56633 CVE-2022-49877 bsc#1242483).
- Update
patches.suse/cifs-Fix-connections-leak-when-tlink-setup-failed.patch
(bsc#1190317 CVE-2022-49822 bsc#1242544).
- Update
patches.suse/dm-stats-check-for-and-propagate-alloc_percpu-failur-d3aa.patch
(git-fixes CVE-2023-53044 bsc#1242759).
- Update
patches.suse/ext4-fix-WARNING-in-ext4_update_inline_data.patch
(bsc#1213012 CVE-2023-53100 bsc#1242790).
- Update
patches.suse/ext4-fix-warning-in-ext4_da_release_space.patch
(bsc#1206887 CVE-2022-49880 bsc#1242734).
- Update
patches.suse/ext4-zero-i_disksize-when-initializing-the-bootloade.patch
(bsc#1213013 CVE-2023-53101 bsc#1242791).
- Update
patches.suse/ftrace-Fix-invalid-address-access-in-lookup_rec-when-index-is-0.patch
(git-fixes CVE-2023-53075 bsc#1242218).
- Update
patches.suse/ftrace-Fix-use-after-free-for-dynamic-ftrace_ops.patch
(git-fixes CVE-2022-49892 bsc#1242449).
- Update
patches.suse/gfs2-Check-sb_bsize_shift-after-reading-superblock.patch
(git-fixes CVE-2022-49769 bsc#1242440).
- Update patches.suse/ibmvnic-Free-rwi-on-reset-success.patch
(bsc#1184350 ltc#191533 git-fixes CVE-2022-49906 bsc#1242464).
- Update
patches.suse/igb-revert-rtnl_lock-that-causes-deadlock.patch
(git-fixes CVE-2023-53060 bsc#1242241).
- Update
patches.suse/ila-do-not-generate-empty-messages-in-ila_xlat_nl_cm.patch
(git-fixes CVE-2023-53141 bsc#1242362).
- Update
patches.suse/mISDN-fix-misuse-of-put_device-in-mISDN_register_dev.patch
(CVE-2022-49915 bsc#1242409 CVE-2022-49818 bsc#1242527).
- Update patches.suse/net-iucv-Fix-size-of-interrupt-data.patch
(bsc#1211466 CVE-2023-53108 bsc#1242422).
- Update
patches.suse/net-tunnels-annotate-lockless-accesses-to-dev-needed_headroom.patch
(CVE-2024-26804 bsc#1222629 CVE-2023-53109 bsc#1242405).
- Update
patches.suse/net-usb-lan78xx-Limit-packet-length-to-skb-len.patch
(git-fixes CVE-2023-53068 bsc#1242239).
- Update
patches.suse/net-usb-smsc75xx-Limit-packet-length-to-skb-len.patch
(git-fixes CVE-2023-53125 bsc#1242285).
- Update
patches.suse/net-usb-smsc95xx-Limit-packet-length-to-skb-len.patch
(git-fixes CVE-2023-53062 bsc#1242228).
- Update
patches.suse/net_sched-keep-alloc_hash-updated-after-hash-allocat.patch
(git-fixes CVE-2020-36791 bsc#1242835).
- Update
patches.suse/nfc-pn533-initialize-struct-pn533_out_arg-properly.patch
(CVE-2022-48875 bsc#1229516 CVE-2023-53119 bsc#1242370).
- Update
patches.suse/nfc-st-nci-Fix-use-after-free-bug-in-ndlc_remove-due.patch
(git-fixes bsc#1210337 CVE-2023-1990 CVE-2023-53106
bsc#1242215).
- Update
patches.suse/nfs4-Fix-kmemleak-when-allocate-slot-failed.patch
(git-fixes CVE-2022-49927 bsc#1242416).
- Update
patches.suse/nfsd-decrease-sc_count-directly-if-fail-to-queue-dl_.patch
(CVE-2025-22025 bsc#1241361 CVE-2025-37871 bsc#1242949).
- Update
patches.suse/ring-buffer-Check-for-NULL-cpu_buffer-in-ring_buffer_wake_waiters.patch
(git-fixes CVE-2022-49889 bsc#1242455).
- Update patches.suse/sch_htb-make-htb_deactivate-idempotent.patch
(CVE-2025-37798 bsc#1242414 CVE-2025-37953 bsc#1243543).
- Update
patches.suse/sch_htb-make-htb_qlen_notify-idempotent.patch
(CVE-2025-37798 bsc#1242414 CVE-2025-37932 bsc#1243627).
- Update
patches.suse/scsi-core-Remove-the-proc-scsi-proc_name-directory-earlier.patch
(git-fixes CVE-2023-53140 bsc#1242372).
- Update
patches.suse/scsi-mpt3sas-Fix-NULL-pointer-access-in-mpt3sas_transport_port_add.patch
(git-fixes CVE-2023-53124 bsc#1242165).
- Update
patches.suse/scsi-qla2xxx-Perform-lockless-command-completion-in-.patch
(git-fixes CVE-2023-53041 bsc#1242747).
- Update
patches.suse/scsi-qla2xxx-Synchronize-the-IOCB-count-to-be-in-ord.patch
(bsc#1209292 bsc#1209684 bsc#1209556 CVE-2023-53056
bsc#1242219).
- Update
patches.suse/scsi-scsi_dh_alua-Fix-memleak-for-qdata-in-alua_activate.patch
(git-fixes CVE-2023-53078 bsc#1242231).
- Update
patches.suse/scsi-zfcp-Fix-double-free-of-FSF-request-when-qdio-send-fails
(git-fixes CVE-2022-49789 bsc#1242366).
- Update
patches.suse/tcp-tcp_make_synack-can-be-called-from-process-conte.patch
(git-fixes CVE-2023-53121 bsc#1242225).
- Update
patches.suse/udf-Fix-a-slab-out-of-bounds-write-bug-in-udf_find_e.patch
(bsc#1206649 CVE-2022-49846 bsc#1242716).
- commit 69b5e67
- drm/scheduler: fix fence ref counting (bsc#1242691 CVE-2022-49829)
- commit 14778ea
- net: sched: extract qstats update code into functions
(CVE-2024-26740 bsc#1222563).
- refresh patches.suse/net-sched-act_mirred-don-t-override-retval-if-we-alr.patch
- commit e226feb
- net/sched: act_mirred: use the backlog for mirred ingress
(CVE-2024-26740 bsc#1222563).
- refresh patches.suse/net-sched-act_mirred-don-t-override-retval-if-we-alr.patch
- act_mirred: use the backlog for nested calls to mirred ingress
(CVE-2024-26740 bsc#1222563).
- net/sched: act_mirred: refactor the handle of xmit
(CVE-2024-26740 bsc#1222563).
- cleanup patches.suse/net-smc-Transitional-solution-for-clcsock-race-issue.patch
drop net/sched/act_mirred.c part which was a combination of unrelated
commits which are going to be backported separately now
- refresh patches.suse/net-sched-act_mirred-don-t-override-retval-if-we-alr.patch
- net: sched: don't expose action qstats to skb_tc_reinsert()
(CVE-2024-26740 bsc#1222563).
- net: sched: refactor reinsert action (CVE-2024-26740
bsc#1222563).
- commit 7ca05e8
- can: peak_usb: fix use after free bugs (bsc#1241407
CVE-2021-47670).
- blacklist.conf: blacklisted in error
- commit 3cc9a48
- xenbus: Use kref to track req lifetime (bsc#1243541
CVE-2025-37949).
- commit e59a814
- 9p/net: fix improper handling of bogus negative read/write
replies (bsc#1243077 CVE-2025-37879).
- commit fe1bf4b
- usb: gadget: u_audio: don't let userspace block driver unbind (CVE-2023-53045 bsc#1242756)
- commit 96aa745
- tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header (CVE-2022-49862 bsc#1242755)
- commit d64fec6
- net: macvlan: fix memory leaks of macvlan_common_newlink (CVE-2022-49853 bsc#1242688)
- commit d85ed83
- dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() (CVE-2022-49861 bsc#1242580)
- commit f8dabfc
- ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network (CVE-2022-49865 bsc#1242570)
- commit 8923317
- net_sched: sch_sfq: move the limit validation (CVE-2025-37752 bsc#1242504)
- commit 3268e2e
- net_sched: sch_sfq: use a temporary work area for validating configuration (bsc#1232504)
- commit e350897
- net: ena: Fix error handling in ena_init() (CVE-2022-49813 bsc#1242497)
- commit 55f4ea4
- net: mdio: fix undefined behavior in bit shift for __mdiobus_register (CVE-2022-49907 bsc#1242450)
- commit 35b4747
- i40e: Fix kernel crash during reboot when adapter is in recovery mode (CVE-2023-53114 bsc#1242398)
- commit 9232bee
- ALSA: hda: fix potential memleak in 'add_widget_node' (CVE-2022-49835 bsc#1242385)
- commit b245eca
- nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send() (CVE-2022-49922 bsc#1242378)
- commit ec5842a
- ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() (CVE-2022-49772 bsc#1242147)
- commit 05dc09a
- Remove debug flavor (bsc#1243919).
This is only released in Leap, and we don't have Leap 42 anymore.
- commit c8f417b
- HID: hyperv: fix possible memory leak in mousevsc_probe()
(CVE-2022-49874 bsc#1242478).
- commit 4edbe8d
- Refresh patches.suse/netfilter-nf_tables-Reject-tables-of-unsupported-fam.patch.
Adjusted the backported patch as it caused a regression. bsc#1218752
- commit 9c294ed
- ipv6: Fix signed integer overflow in __ip6_append_data
(CVE-2022-49728 bsc#1239111).
- commit e5a4bfa
- devm-helpers: Add resource managed version of work init (bsc#1242745)
- commit af41987
- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (bsc#1242154)
- commit 28b2ba4
- nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties (CVE-2023-53139 bsc#1242361)
- commit 2977dda
- misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() (CVE-2022-49788 bsc#1242353)
- commit 9e63e91
- mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() (CVE-2022-49787 bsc#1242352)
- commit e6bd23b
- qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info (CVE-2023-53066 bsc#1242227)
- commit 3926868
- pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map (CVE-2022-49832 bsc#1242154)
- commit 18c2436
- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (bsc#1242745)
- commit eb37482
- HID: intel-ish-hid: ipc: Fix potential use-after-free in work function (CVE-2023-53039 bsc#1242745)
- commit 09f159d
- workqueue: Add resource managed version of delayed work init (bsc#1242745)
- commit 26c1fec
- sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket
(CVE-2024-53168 bsc#1234887).
- commit 14cbc36
- ACPI: CPPC: Avoid out of bounds access when parsing _CPC data
(CVE-2022-49145 bsc#1238162).
- commit 470a12c
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- commit 9010162
- net/sched: initialize noop_qdisc owner (git-fixes).
- commit 2dfc668
- nfc: nxp-nci: Fix potential memory leak in nxp_nci_send() (CVE-2022-49923 bsc#1242394)
- commit 90c2109
- NFC: nxp-nci: remove unnecessary labels (bsc#1242394)
- commit 211515d
- isofs: Prevent the use of too small fid (CVE-2025-37780 bsc#1242786)
- commit 66b8f1c
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (CVE-2025-37794 bsc#1242566)
- commit be7520f
- wifi: at76c50x: fix use after free access in at76_disconnect (CVE-2025-37796 bsc#1242727)
- commit 926c6d8
- ext4: fix off-by-one error in do_split (CVE-2025-23150 bsc#1242513)
- commit 63c211a
- net: phy: leds: fix memory leak (CVE-2025-37989 bsc#1243511).
- commit 80b696b
- kabi: hide owner from struct Qdisc (CVE-2024-27010,
bsc#1223720).
- net/sched: Fix mirred deadlock on device recursion
(CVE-2024-27010, bsc#1223720).
- commit 2646651
- Refresh patches.suse/net-mlx5-Fix-steering-rules-cleanup.patch.
- commit cad4104
- nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred (CVE-2022-49729 bsc#1239060)
- commit e4a37ce
- net_sched: skbprio: Remove overly strict queue assertions (CVE-2025-38637 bsc#1241657).
- commit a3f71a8
- usbnet:fix NPE during rx_complete (CVE-2025-22050 bsc#1241441)
- commit b29f445
- thermal: int340x: Add NULL check for adev (CVE-2025-23136 bsc#1241357)
- commit aca813f
- btrfs: do not clean up repair bio if submit fails
(CVE-2022-49168 bsc#1238109).
- commit eb3f122
- ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() (CVE-2023-52988 bsc#1240293)
- commit 47e6e52
- x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL (CVE-2023-52993 bsc#1240297)
- commit b8c925f
- firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region (CVE-2023-52989 bsc#1240266)
- commit 4f68c93
- w1: fix WARNING after calling w1_process() (CVE-2022-49751 bsc#1240254)
- commit 9507421
- nfc: fdp: Fix potential memory leak in fdp_nci_send() (CVE-2022-49924 bsc#1242426)
- commit 1ff0fc5
- PM / devfreq: rk3399_dmc: Disable edev on remove() (CVE-2022-49460 bsc#1238892)
- commit 556bc32
- dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate (CVE-2022-49652 bsc#1238871)
- commit d4f6d8a
- ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix (CVE-2022-49503 bsc#1238868)
- commit b38fbf8
- irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions (CVE-2022-49715 bsc#1238818)
- commit c85152c
- irqchip: gic-v3: Use of_cpu_node_to_id helper (bsc#1238818)
- commit 955125a
- net/mlx5: Fix steering rules cleanup (CVE-2023-53079
bsc#1242765).
- commit 4ab30d6
- ata: libata-transport: fix double ata_host_put() in
ata_tport_add() (CVE-2022-49826 bsc#1242549).
- commit a0074f3
- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
(CVE-2025-37823 bsc#1242924).
- commit 9b2e245
- team: better TEAM_OPTION_TYPE_STRING validation (CVE-2025-21787 bsc#1238774)
- commit c0334f8
- btrfs: fix inode list leak during backref walking at
resolve_indirect_refs() (CVE-2022-49914 bsc#1242427).
- commit f13d5c5
- thermal: core: prevent potential string overflow (CVE-2023-52868 bsc#1225044)
- commit 45a76bf
- bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
(CVE-2022-49840 bsc#1242447).
- commit 19b730c
- nfsd: decrease sc_count directly if fail to queue dl_recall
(CVE-2025-22025 bsc#1241361).
- commit 5566843
- nfsd: put dl_stid if fail to queue dl_recall (CVE-2025-22025
bsc#1241361).
- commit 36e54e4
- pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (CVE-2025-21702 bsc#1237312)
- commit 2cd0611
- usb: cdc-acm: Check control transfer buffer size before access (CVE-2025-21704 bnc#1237571)
- commit 25db018
- ptp: Ensure info->enable callback is always set (CVE-2025-21814 bsc#1238473)
- commit 04ecd88
- net/niu: Niu requires MSIX ENTRY_DATA fields touch before
entry reads (CVE-2025-37833 bsc#1242868).
- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads
(CVE-2025-37833 bsc#1242868).
- commit 07a4c2c
- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (CVE-2025-37852 bsc#1243074).
- commit 85e74d7
- net: mvpp2: parser fix QinQ (CVE-2025-22060 bsc#1241526).
- Refresh
patches.suse/net-mvpp2-Prevent-parser-TCAM-memory-corruption.patch.
- commit 39cd74b
- nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur
(bsc#1235632 CVE-2024-56779).
- commit 6133296
- x86/smpboot: Remove unused phys_id variable (git-commit).
This fixes a build warning.
- commit ceba46a
- kernel/resource: fix kfree() of bootmem memory again
(CVE-2022-49190 bsc#1238130).
- commit 48c0013
- drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() (CVE-2022-49467 bsc#1238815)
- commit 9b240ea
- drm/i915/selftests: fix subtraction overflow bug (CVE-2022-49635 bsc#1238806)
- commit c5c18ff
- net: ppp: Add bound checking for skb data on ppp_sync_txmung (CVE-2025-37749 bsc#1242859)
- commit a8fe412
- netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (CVE-2025-22063 bsc#1241351)
- commit 69b9c55
- tcp: cdg: allow tcp_cdg_release() to be called multiple times (CVE-2022-49775 bsc#1242245)
- commit 462783c
- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type
(CVE-2025-23161 bsc#1242792).
- commit b40664f
- ocfs2: fix the issue with discontiguous allocation in the
global_bitmap (git-fixes).
- commit e15ed3a
- nfsd: fix race between laundromat and free_stateid()
(CVE-2024-50106 bsc#1232882).
- commit a790b42
- dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size
data type (bsc#1238394 CVE-2022-49320).
- commit 436663c
- btrfs: fix inode list leak during backref walking at
find_parent_nodes() (bsc#1242470 CVE-2022-49913).
- commit c05de9e
- btrfs: replace BUG_ON() with error handling at
update_ref_for_cow() (bsc#1230794 CVE-2024-46752).
- commit acac3f6
- Btrfs: don't iterate mod seq list when putting a tree mod seq
(bsc#1242472 CVE-2022-49898).
- btrfs: always pin deleted leaves when there are active tree
mod log users (bsc#1242472 CVE-2022-49898).
- btrfs: fix tree mod log mishandling of reallocated nodes
(bsc#1242472 CVE-2022-49898).
- btrfs: use a bit to track the existence of tree mod log users
(bsc#1242472 CVE-2022-49898).
- btrfs: use the new bit BTRFS_FS_TREE_MOD_LOG_USERS at
btrfs_free_tree_block() (bsc#1242472 CVE-2022-49898).
- Refresh
patches.suse/0002-btrfs-Remove-fsid-metadata_fsid-fields-from-btrfs_in.patch.
- commit dacb815
- memcg_write_event_control(): fix a user-triggerable oops
(CVE-2024-45021 bsc#1230434).
- commit 4e6c9d7
- IB/hfi1: Correctly move list in sc_disable() (CVE-2022-49931 bsc#1242382)
- commit 581a698
- RDMA/core: Fix null-ptr-deref in ib_core_cleanup() (CVE-2022-49925 bsc#1242371)
- commit 629991b
- rtl818x: Prevent using not initialized queues (CVE-2022-49326 bsc#1238646)
- commit 2e4f859
- drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() (CVE-2022-49491 bsc#1238539)
- commit cacfaf7
- driver core: fix deadlock in __device_attach (CVE-2022-49371 bsc#1238546)
- commit e1fc85e
- Refresh patches.suse/tpm-tis-Double-the-timeout-B-to-4s.patch.
- commit db263b9
- Update
patches.suse/USB-usbfs-Don-t-WARN-about-excessively-large-memory-.patch
(bsc#1222004 CVE-2021-47170 CVE-2021-20320).
- commit 2ffa0a7
- Update
patches.suse/sctp-fail-if-no-bound-addresses-can-be-used-for-a-gi.patch
(bsc#1206677 CVE-2023-1074).
- commit 2c70e65
- media: streamzap: fix race between device disconnection and
urb callback (CVE-2025-22027 bsc#1241369).
- commit 45f284f
- ASoC: soc-utils: Remove __exit for snd_soc_util_exit()
(CVE-2022-49842 bsc#1242484).
- commit dfda6bc
- ASoC: core: Fix use-after-free in snd_soc_exit() (CVE-2022-49842
bsc#1242484).
- commit 89ba7b3
- btrfs: always report error in run_one_delayed_ref() (CVE-2022-49761 bsc#1240261)
- commit e432f24
- netfilter: conntrack: clamp maximum hashtable size to INT_MAX (CVE-2025-21648 bsc#1236142)
- commit 9316b29
- media: usb: go7007: s2250-board: fix leak in probe() (CVE-2022-49253 bsc#1238420)
- commit db86595
- sfc: fix kernel panic when creating VF (CVE-2022-49625 bsc#1238411)
- commit bcdf72a
- arm64: insn: Fix two bugs in encoding 32-bit logical immediates
(bsc#1242778).
- commit 538ec8a
- arm64: insn: Add encoder for bitwise operations using literals
(bsc#1242778).
- arm64: insn: Add N immediate encoding (bsc#1242778).
- commit e6408da
- sch_htb: make htb_deactivate() idempotent (CVE-2025-37798
bsc#1242414).
- sch_qfq: make qfq_qlen_notify() idempotent (CVE-2025-37798
bsc#1242414).
- sch_hfsc: make hfsc_qlen_notify() idempotent (CVE-2025-37798
bsc#1242414).
- sch_drr: make drr_qlen_notify() idempotent (CVE-2025-37798
bsc#1242414).
- sch_htb: make htb_qlen_notify() idempotent (CVE-2025-37798
bsc#1242414).
- commit 85d67da
- bonding: Fix memory leak when changing bond type to Ethernet
(CVE-2023-53103 bsc#1242408).
- commit 03cee1f
- bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave
fails (CVE-2023-53103 bsc#1242408).
- bonding: restore IFF_MASTER/SLAVE flags on bond enslave ether
type change (CVE-2023-53103 bsc#1242408).
- commit c76a60e
- Revert "kABI workaround for changeing the variable length type to size_t"
Will evaluate again the CVE and resend the patch if needed
This reverts commit 467381126c46febb6e9adeba40f4439ab1b7f3cd.
- commit 859f819
- Revert "ipv6: Fix signed integer overflow in __ip6_append_data"
Will evaluate again the CVE and resend the patch if needed
This reverts commit 0c4609a89f1351bc34d1fdf73c438d3665a48988.
- commit 9b99659
- Fix cpufeatures kABI
Refresh patches.kabi/cpufeatures-kabi-fix.patch.
- commit aeb0991
- Refresh
patches.suse/0022-arm64-Use-the-clearbhb-instruction-in-mitigations.patch.
Bring in AARCH64_INSN_HINT_CLEARBHB, which was present in the mainline
patch.
- commit 7ece652
- Bring back 'enum bhb_mitigation_bits' and system_bhb_mitigations
(bsc#1242778)
- Refresh
patches.suse/0019-arm64-Mitigate-spectre-style-branch-history-side-cha.patch.
- Refresh
patches.suse/0022-arm64-Use-the-clearbhb-instruction-in-mitigations.patch.
- commit a6c8f92
- ath9k_htc: fix uninit value bugs (CVE-2022-49235 bsc#1238333)
- commit d0592f5
- drm/tegra: Fix reference leak in tegra_dsi_ganged_probe (CVE-2022-49216 bsc#1238338)
Refresh patches.suse/0001-drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch.
- commit dff7d50
- mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init (CVE-2022-49212 bsc#1238331)
- commit fd64ee9
- phy: qcom-qmp: fix reset-controller leak on probe errors (CVE-2022-49396 bsc#1238289)
- commit 64c16d6
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs
(bsc#1242778).
- commit d71d27e
- arm64: proton-pack: Add new CPUs 'k' values for branch
mitigation (bsc#1242778).
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged
users (bsc#1242778).
- arm64: proton-pack: Expose whether the branchy loop k value
(bsc#1242778).
- arm64: proton-pack: Expose whether the platform is mitigated
by firmware (bsc#1242778).
- arm64: insn: Add support for encoding DSB (bsc#1242778).
- commit ebb0869
- Refresh
patches.suse/x86-bhi-do-not-set-BHI_DIS_S-in-32-bit-mode.patch.
- Refresh
patches.suse/x86-bpf-add-IBHF-call-at-end-of-classic-BPF.patch.
- Refresh
patches.suse/x86-bpf-call-branch-history-clearing-sequence-on-exit.patch.
Update the patch-mainline header, these patches are expected to be
found upstream at a later date.
- commit 8ba543d
- net: openvswitch: fix nested key length validation in the set()
action (CVE-2025-37789 bsc#1242762).
- commit a168326
- tty: serial: fsl_lpuart: fix race on RX DMA shutdown
(CVE-2023-53094 bsc#1242288).
- commit 053969f
- Update
patches.suse/bpf-Verifer-adjust_scalar_min_max_vals-to-always-call-update_reg_bounds.patch
(bsc#1194227 CVE-2021-4159).
- commit 33266c3
- Update
patches.suse/s390-bpf-Wrap-JIT-macro-parameter-usages-in-parentheses.patch
(bsc#1190601 CVE-2021-20320).
- Update
patches.suse/s390-bpf-fix-64-bit-subtraction-of-the-0x80000000-constant.patch
(bsc#1190601 CVE-2021-20320).
- Update
patches.suse/s390-bpf-fix-branch-shortening-during-codegen-pass.patch
(bsc#1190601 CVE-2021-20320).
- Update
patches.suse/s390-bpf-fix-optimizing-out-zero-extensions.patch
(bsc#1190601 CVE-2021-20320).
- Update
patches.suse/s390-bpf-implement-jitting-of-BPF_ALU-BPF_ARSH-BPF_.patch
(bsc#1190601 CVE-2021-20320).
- commit 3b96b15
- scsi: iscsi_tcp: Fix UAF during logout when accessing the
shost ipaddress (CVE-2023-52975 bsc#1240322).
- scsi: iscsi: Move pool freeing (CVE-2023-52975 bsc#1240322).
- commit d8d45ff
- netfilter: socket: Lookup orig tuple for IPv6 SNAT
(CVE-2025-22021 bsc#1241282).
- commit 3b93136
- xsk: Add missing overflow check in xdp_umem_reg (CVE-2023-53080
bsc#1242287).
- commit 8b15409
- net_sched: hfsc: Fix a UAF vulnerability in class handling
(CVE-2025-37797 bsc#1242417).
- commit 66a1309
- codel: remove sch->q.qlen check before
qdisc_tree_reduce_backlog() (CVE-2025-37798 bsc#1242414).
- commit 7a9bb75
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key
(bsc#1242770 CVE-2025-37782).
- commit 51b3882
- udp: Fix memory accounting leak (CVE-2025-22058 bsc#1241332).
- commit 229f687
- fbdev: hyperv_fb: Simplify hvfb_putmem (git-fixes).
- commit 67adb16
- Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt
(bsc#1238032 CVE-2022-49139).
- commit b38b106
- net: stmmac: fix dma queue left shift overflow issue
(CVE-2022-49592 bsc#1238311).
- commit 1b0d1c7
- Bluetooth: fix dangling sco_conn and use-after-free in
sco_sock_timeout (bsc#1238071 CVE-2022-49474).
- commit 6360cef
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit
(bsc#1242778).
- commit 59473c9
- fbdev: hyperv_fb: Allow graceful removal of framebuffer
(git-fixes CVE-2025-21976 bsc#1241145).
- Delete patches.suse/suse-hv-hyperv_fb-rmmod.patch, no longer
needed.
- commit a082a24
- net: gso: fix panic on frag_list with mixed head alloc types
(CVE-2022-49872 bsc#1242594).
- commit 3e759e0
- mISDN: fix possible memory leak in mISDN_dsp_element_register()
(CVE-2022-49821 bsc#1242542).
- commit 22495af
- mISDN: fix misuse of put_device() in mISDN_register_device()
(CVE-2022-49915 bsc#1242409).
- commit 2af5c07
- mISDN: fix possible memory leak in mISDN_register_device()
(CVE-2022-49915 bsc#1242409).
- commit 1096349
- net: tun: call napi_schedule_prep() to ensure we own a napi
(CVE-2022-49871 bsc#1242558).
- net: tun: Fix memory leaks of napi_get_frags (CVE-2022-49871
bsc#1242558).
- macvlan: enforce a consistent minimal mtu (CVE-2022-49776
bsc#1242248).
- commit de7a2f0
- Update
patches.suse/dm-crypt-add-cond_resched-to-dmcrypt_write-fb29.patch
(git-fixes CVE-2023-53051 bsc#1242284).
- commit a2c06ba
- Regression in CVE-2024-56641 fix (CVE-2024-56641, bsc#1235526, bsc#1242319).
- commit a257d42
- soc: rockchip: Fix refcount leak in rockchip_grf_init (CVE-2022-49382 bsc#1238306)
- commit b778a78
- ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction (CVE-2022-49248 bsc#1238284)
- commit 340a548
- tty: fix deadlock caused by calling printk() under tty_port->lock (CVE-2022-49441 bsc#1238263)
- commit 1148c0f
- Refresh patches.suse/suse-hv-hyperv_fb-rmmod.patch.
Fix the following warning:
drivers/video/fbdev/hyperv_fb.c:1363:20: warning: 'hvfb_drv_exit' defined but not used
- commit ce05eff
- audit: Send netlink ACK before setting connection in auditd_set
(bsc#1231450).
- commit f8c00d6
- Update
patches.suse/can-dev-can_get_echo_skb-prevent-call-to-kfree_skb-i.patch
(git-fixes CVE-2020-36789 bsc#1241408).
- Update
patches.suse/can-dev-can_restart-fix-use-after-free-bug.patch
(git-fixes CVE-2021-47668 bsc#1241404).
- Update
patches.suse/can-vxcan-vxcan_xmit-fix-use-after-free-bug.patch
(git-fixes CVE-2021-47669 bsc#1241405).
- Update patches.suse/fou-fix-initialization-of-grc.patch
(CVE-2024-46763 bsc#1230764 CVE-2024-46865 bsc#1231103).
- Update
patches.suse/ndisc-use-RCU-protection-in-ndisc_alloc_skb.patch
(bsc#1239994 CVE-2025-21764 bsc#1237885).
- commit fcb2f6d
- cifs: Fix integer overflow while processing actimeo mount option
(git-fixes).
- commit 0c62491
- cifs: Fix integer overflow while processing acdirmax mount
option (CVE-2025-21963 bsc#1240717).
- commit 6c82fff
- net: annotate races around sk->sk_bound_dev_if (CVE-2022-49420
bsc#1238887).
- commit e87db68
- cifs: Fix integer overflow while processing acregmax mount
option (CVE-2025-21964 bsc#1240740).
- commit 759fa98
- hyperv_fb: disable rmmod (bsc#1241145, CVE-2025-21976).
- commit 001b30c
- drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume (CVE-2022-49489 bsc#1238244)
- commit 70ef453
- drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() (CVE-2022-49232 bsc#1238139)
- commit 233d2c0
- remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region (CVE-2022-49188 bsc#1238138)
- commit 2da2636
- remoteproc: qcom_q6v5_mss: Extract mba/mpss from memory-region (bsc#1238138)
- commit 2730746
- PM: core: keep irq flags in device_pm_check_callbacks() (CVE-2022-49175 bsc#1238099)
- commit ab8e651
- pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources() (CVE-2022-49445 bsc#1238019)
- commit 27189c5
- ibmvnic: Use kernel helpers for hex dumps (CVE-2025-22104 bsc#1241550)
- commit bc8cac0
- kABI workaround for changeing the variable length type to size_t
(CVE-2022-49728 bsc#1239111).
- commit 4673811
- ipv6: Fix signed integer overflow in __ip6_append_data
(CVE-2022-49728 bsc#1239111).
- commit 0c4609a
- igmp: Fix data-races around sysctl_igmp_llm_reports
(CVE-2022-49590 bsc#1238844).
- commit ffcf577
- ipv6: mcast: add RCU protection to mld_newpack() (CVE-2025-21758
bsc#1238737).
- commit ca8335c
- net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels
(CVE-2025-21768 bsc#1238714).
- commit 4d13df3
- atm: Fix NULL pointer dereference (CVE-2025-22018 bsc#1241266)
- commit bc9b2c6
- drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() (CVE-2022-49305 bsc#1238645)
- commit f20b488
- Bluetooth: Fix use after free in hci_send_acl (bsc#1237984
CVE-2022-49111).
- commit 3cd0c1c
- net: mvpp2: Prevent parser TCAM memory corruption
(CVE-2025-22060 bsc#1241526).
- commit 37e999b
- Revert "exec: fix the racy usage of fs_struct->in_exec (CVE-2025-22029"
This reverts commit 14a10bfdc080f8fa12291efe393e7af680537978.
This turned out to be not an issue. See https://bugzilla.suse.com/show_bug.cgi?id=1241378#c4
- commit 4a60e73
- net: ibmveth: make veth_pool_store stop hanging (CVE-2025-22053
bsc#1241373).
- commit 4494ff2
- netfilter: IDLETIMER: Fix for possible ABBA deadlock
(CVE-2024-54683 bsc#1235729).
- commit 938d034
- exec: fix the racy usage of fs_struct->in_exec (CVE-2025-22029
bsc#1241378).
- commit 14a10bf
- bfq: Make sure bfqg for which we are queueing requests is online
(bsc#1238307 CVE-2022-49411).
- blacklist.conf: Remove commit from blacklist
- commit 4daae62
- bfq: Track whether bfq_group is still online (bsc#1238307
CVE-2022-49411).
- commit e167d48
- ext4: fix OOB read when checking dotdot dir (bsc#1241640
CVE-2025-37785).
- commit 0093423
- filemap: Fix bounds checking in filemap_read() (bsc#1234209
CVE-2024-50272 bsc#1233461).
- commit e0c4cb2
- fs: relax assertions on failure to encode file handles
(bsc#1236086 CVE-2024-57924).
- commit ee1cce6
- Update references in patches.suse/ext4-fixup-pages-without-buffers.patch
(bsc#1205495 CVE-2022-49171 bsc#1238093).
- commit 3a68ec8
- tpm: Change to kvalloc() in eventlog/acpi.c (CVE-2024-58005 bsc#1237873)
- commit 055cc9d
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
(bsc#1240714 CVE-2025-21927).
- commit 1b9235e
- bpf, selftests: Add verifier test case for imm=0,umin=0,umax=1
scalar (bsc#1238803 CVE-2022-49658).
- commit 76015e8
- bpf: Fix insufficient bounds propagation from
adjust_scalar_min_max_vals (bsc#1238803 CVE-2022-49658).
- commit a84c655
- dlm: prevent NPD when writing a positive value to event_done
(bsc#1241601 CVE-2025-23131).
- commit d96b67e
- PCI/ASPM: Fix link state exit during switch upstream function
removal (CVE-2024-58093 bsc#1241347).
- commit 323974a
- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (CVE-2025-22086 bsc#1241458)
- commit 9222451
- drm/amdgpu/cs: make commands with 0 chunks illegal behaviour (CVE-2022-49335 bsc#1238377)
- commit 093b1d6
- drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj (CVE-2022-49137 bsc#1238155)
- commit c883f61
- printk: Fix signed integer overflow when defining
LOG_BUF_LEN_MAX (bsc#1237950 CVE-2024-58017 bsc#1239112).
- commit 7c45b05
- fou: fix initialization of grc (CVE-2024-46763 bsc#1230764).
- commit 34d05f5
- drop_monitor: fix incorrect initialization order (CVE-2025-21862
bsc#1239474).
- net: openvswitch: fix leak of nested actions (CVE-2022-49086
bsc#1238037).
- commit 907826c
- fou: Fix null-ptr-deref in GRO (CVE-2024-46763 bsc#1230764).
- commit 87825b6
- net: fix geneve_opt length integer overflow (CVE-2025-22055
bsc#1241371).
- commit 7a515dd
- hwpoison, memory_hotplug: lock folio before unmap hwpoisoned
folio (CVE-2025-21931 bsc#1240709).
- commit 4b52623
- skbuff: introduce skb_pull_data (bsc#1235038 CVE-2024-56590).
- commit 4f3bce2
- rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy
(CVE-2025-21635 bsc#1236111).
- commit 30122f9
- Bluetooth: hci_core: Fix not checking skb length on
hci_acldata_packet (bsc#1235038 CVE-2024-56590).
- commit 2b46315
- partitions: mac: fix handling of bogus partition table
(CVE-2025-21772 bsc#1238911).
- scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is
aborted (CVE-2022-49730 bsc#1239070).
- scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()
(CVE-2022-49521 bsc#1238938).
- scsi: lpfc: Fix call trace observed during I/O with CMF enabled
(CVE-2022-49537 bsc#1238930).
- scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT
(CVE-2022-49534 bsc#1238893).
- scsi: lpfc: Fix null pointer dereference after failing to
issue FLOGI and PLOGI (CVE-2022-49535 bsc#1238937).
- commit 9071ce6
- scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock
(CVE-2022-49536 bsc#1238838).
- Refresh
patches.suse/scsi-lpfc-Validate-hdwq-pointers-before-dereferencin.patch.
- commit 1f1a811
- block, bfq: don't move oom_bfqq (CVE-2022-49179 bsc#1238092).
- commit 08606de
- drivers/base/node.c: fix compaction sysfs file leak (CVE-2022-49442 bsc#1238243)
- commit 769486d
- dmaengine: Fix double increment of client_count in dma_chan_get() (CVE-2022-49753 bsc#1240250)
- commit 8be64a3
- tcp: add accessors to read/set tp->snd_cwnd (CVE-2022-49325
bsc#1238398).
- Refresh
patches.suse/tcp-fix-tcp_mtup_probe_success-vs-wrong-snd_cwnd.patch.
- commit 00d8ac0
- net: altera: Fix refcount leak in altera_tse_mdio_create
(CVE-2022-49351 bsc#1237939).
- commit 3aeeb63
- mac80211: fix potential double free on mesh join (CVE-2022-49290 bsc#1238156)
- commit 1243bb0
- wifi: rtlwifi: fix memory leaks and invalid access at probe error path (CVE-2024-58063 bsc#1238984)
- commit fac1ba9
- wifi: brcmfmac: Check the return value of of_property_read_string_index() (CVE-2025-21750 bsc#1238905)
- commit f37f3e1
- wifi: brcmfmac: use strreplace() in brcmf_of_probe() (bsc#1238905)
- commit af07444
- brcmfmac: of: remove redundant variable len (bsc#1238905)
- commit 990953e
- brcmfmac: of: Use devm_kstrdup for board_type & check for errors (bsc#1238905)
- commit d9e8c8a
- net: nfc: Fix use-after-free in local_cleanup() (CVE-2023-53023 bsc#1240309)
- commit f91c2a0
- i40e: Fix call trace in setup_tx_descriptors (CVE-2022-49725 bsc#1238016)
- commit 4f6a558
- net: gso: fix ownership in __udp_gso_segment (CVE-2025-21926
bsc#1240712).
- commit 112bb59
- wifi: cfg80211: regulatory: improve invalid hints checking
(CVE-2025-21910 bsc#1240583).
- commit 2ad169d
- wifi: nl80211: reject cooked mode if it is set along with
other flags (CVE-2025-21909 bsc#1240590).
- commit b2acee6
- net: atm: fix use after free in lec_send() (CVE-2025-22004
bsc#1240835).
- commit cc63f73
- drm/plane: Move range check for format_count earlier (CVE-2021-47659 bsc#1237839)
- commit cc111ee
- dm integrity: fix memory corruption when tag_size is less than digest size (CVE-2022-49044 bsc#1237840)
- commit be90f4e
- net/smc: Fix NULL pointer dereference in smc_pnet_find_ib() (CVE-2022-49060 bsc#1237845)
- commit 867ee3a
- drm/amdkfd: Check for potential null return of kmalloc_array() (CVE-2022-49055 bsc#1237868)
- commit afbd83d
- driver: base: fix UAF when driver_attach failed (CVE-2022-49385 bsc#1237951)
- commit 3dcc3aa
- drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf (CVE-2022-49693 bsc#1237954)
- commit d40fafb
- PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events (CVE-2022-49668 bsc#1237957)
- commit fff3251
- media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init (CVE-2022-49478 bsc#1238000)
- commit 5c8c17f
- media: cx25821: Fix the warning when removing the module (CVE-2022-49525 bsc#1238022)
- commit 8b2ba54
- scsi: lpfc: Move cfg_log_verbose check before calling
lpfc_dmp_dbg() (CVE-2022-49542 bsc#1238722).
- commit 2fbb1a4
- scsi: pm8001: Fix tag leaks on error (CVE-2022-49121
bsc#1237926).
- Refresh
patches.suse/scsi-pm8001-Fix-memory-leak-in-pm8001_chip_fw_flash_.patch.
- commit 1183fb2
- block: fix integer overflow in BLKSECDISCARD (CVE-2024-49994
bsc#1237757).
- scsi: lpfc: Inhibit aborts if external loopback plug is inserted
(CVE-2022-49504 bsc#1238835).
- scsi: hisi_sas: Free irq vectors in order for v3 HW
(CVE-2022-49118 bsc#1237979).
- bfq: fix use-after-free in bfq_dispatch_request (CVE-2022-49176
bsc#1238097).
- commit 61a23eb
- Refresh
patches.suse/net-usb-usbnet-restore-usb-d-name-exception-for-loca.patch.
Patch has been accepted upstream. Moving to correct section.
- commit 44e2f7a
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (bsc#1240739 CVE-2025-21956)
- commit 8258112
- regulator: check that dummy regulator has been probed before
using it (CVE-2025-22008 bsc#1240942).
- commit e222593
- drm/amd/display: Fix null check for pipe_ctx->plane_state in (bsc#1240701 CVE-2025-21941)
- commit 4fd9018
- blk-throttle: Set BIO_THROTTLED when bio has been throttled
(CVE-2022-49465 bsc#1238919).
- commit 885f88f
- usb: xhci: Fix NULL pointer dereference on certain command aborts (CVE-2024-57981 bsc#1237912)
- commit a6014fc
- media: uvcvideo: Fix double free in error path (CVE-2024-57980 bsc#1237911)
- commit c75a886
- NFC: nci: Add bounds checking in nci_hci_create_pipe() (CVE-2025-21735 bsc#1238497)
- commit 1703ca8
- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (CVE-2024-52559 bsc#1238507)
- commit 151c011
- Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (CVE-2024-58009 bsc#1238760)
- commit f77505b
- KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (CVE-2025-21779 bsc#1238768)
- commit c0bacb1
- netfilter: xtables: fix typo causing some targets not to load
on IPv6 (CVE-2024-50038 bsc#1231910).
- netfilter: xtables: avoid NFPROTO_UNSPEC where needed
(CVE-2024-50038 bsc#1231910).
- commit 758059b
- RDMA/hns: Fix soft lockup during bt pages loop (CVE-2025-22010 bsc#1240943)
- commit 4f43f30
- i2c: designware: use casting of u64 in clock multiplication to avoid overflow (CVE-2022-49749 bsc#1240243)
- commit 8e8de37
- HID: appleir: Fix potential NULL dereference at raw event handle (CVE-2025-21948 bsc#1240703)
- commit 00a5124
- scsi: qla1280: Fix kernel oops when debug level > 2 (CVE-2025-21957 bsc#1240742)
- commit bd23d83
- net: let net.core.dev_weight always be non-zero (CVE-2025-21806 bsc#1238746)
- commit f158377
- net: Fix data-races around weight_p and dev_weight_[rt]x_bias (bsc#1238746)
- commit f948447
- Bluetooth: L2CAP: Fix build errors in some archs (CVE-2025-21969
bsc#1240784).
- commit 7b7dc2b
- Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
(CVE-2025-21969 bsc#1240784).
- Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression
(CVE-2025-21969 bsc#1240784).
- commit 45ad638
- kABI workaround for l2cap_conn changes (CVE-2025-21969
bsc#1240784).
- commit 7316449
- Bluetooth: L2CAP: Fix corrupted list in hci_chan_del
(CVE-2025-21969 bsc#1240784).
- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
(CVE-2025-21969 bsc#1240784).
- commit afacee7
- Bluetooth: Fix error code in chan_alloc_skb_cb() (bsc#1240582
CVE-2025-22007).
- commit b580f9e
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (CVE-2025-21996 bsc#1240801).
- commit 4ea5dea
- usb: atm: cxacru: fix a flaw in existing endpoint checks
(bsc#1240582 CVE-2025-21916).
- commit e17a34b
- Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd
(CVE-2025-21969 bsc#1240784).
- commit 900222a
- iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in
ibft_attr_show_nic() (CVE-2025-21993 bsc#1240797).
- commit 1c1b4a4
- tpm: tis: Double the timeout B to 4s (bsc#1235870).
- commit e4e19da
- tpm, tpm_tis: Workaround failed command reception on Infineon
devices (bsc#1235870).
- commit 87601ca
- ppp: Fix KMSAN uninit-value warning with bpf (CVE-2025-21922
bsc#1240639).
- commit ca66710
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (CVE-2025-21785 bsc#1238747)
- commit 24fbd3b
- rapidio: add check for rio_add_net() in rio_scan_alloc_net()
(CVE-2025-21935 bsc#1240700).
- rapidio: fix an API misues when rio_add_net() fails
(CVE-2025-21934 bsc#1240708).
- commit df62006
- macsec: fix UAF bug for real_dev (CVE-2022-49390 bsc#1238233)
- commit d0ae16a
- dax: make sure inodes are flushed before destroy cache (CVE-2022-49220 bsc#1237936)
- commit dd8bb0a
- sysctl: Fix data races in proc_douintvec() (CVE-2022-49641 bsc#1237831)
- commit 1859db6
- gpu: host1x: Fix a memory leak in 'host1x_remove()' (CVE-2021-47648 bsc#1237725)
- commit 565f8ec
- qede: confirm skb is allocated before using (CVE-2022-49084 bsc#1237751)
- commit a2a6334
- net: fix data-races around sk->sk_forward_alloc (CVE-2024-53124
bsc#1234074).
- commit 7d9d482
- netfilter: conntrack: re-fetch conntrack after insertion
(CVE-2022-49561 bsc#1238537).
- commit d3e0ad2
- netfilter: ipset: Fix overflow before widen in the
bitmap_ip_create() function (CVE-2023-53032 bsc#1240270).
- commit 7dde838
- ipv4: prevent potential spectre v1 gadget in
ip_metrics_convert() (CVE-2023-52997 bsc#1240303).
- commit ed98686
- sysctl: Fix data races in proc_douintvec_minmax() (CVE-2022-49640 bsc#1237782)
- commit 0dfbf72
- kernel/sysctl.c: define minmax conv functions in terms of non-minmax versions (bsc#1237782)
- commit 1263b48
- Update references for patches.suse/kernel-sysctl.c-add-missing-range-check-in-do_proc_d.patch (bsc#1237782 bsc#1051510)
- commit 51d8dd8
- pipe: reject F_SETPIPE_SZ with size over UINT_MAX (bsc#1237782)
- commit 57c3c8a
- pipe, sysctl: remove pipe_proc_fn() (bsc#1237782)
- commit 5b47dc3
- pipe, sysctl: drop 'min' parameter from pipe-max-size converter (bsc#1237782)
- commit 559c162
- sysctl: check for UINT_MAX before unsigned int min/max (bsc#1237782)
- commit 6169ace
- pipe: add proc_dopipe_max_size() to safely assign pipe_max_size (bsc#1237782)
- commit 2f6a8d2
- Update references for patches.suse/pipe-match-pipe_max_size-data-type-with-procfs.patch (bsc#1237782 git-fixes)
- commit 4bc1ec0
- nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling (CVE-2022-49331 bsc#1237813)
- commit 8331408
- phy: qcom-qmp: fix struct clk leak on probe errors (CVE-2022-49397 bsc#1237823)
- commit 29ed697
- KVM: VMX: Prevent RSB underflow before vmenter (CVE-2022-49610
bsc#1238952).
- commit bea6096
- x86/kexec: Fix double-free of elf header buffer (git-fixes
CVE-2022-49546 bsc#1238750).
- x86/kexec: fix memory leak of elf header buffer (CVE-2022-49546
bsc#1238750).
- commit 69722e9
- Refresh patches.suse/ipv6-icmp-convert-to-dev_net_rcu.patch.
- commit 8cd0e69
- bpf, sockmap: Fix double uncharge the mem of sk_msg
(CVE-2022-49205 bsc#1238335).
- commit f6c5311
- af_netlink: Fix shift out of bounds in group mask calculation
(CVE-2022-49197 bsc#1238455).
- commit 9a4a535
- uprobes: Reject the shared zeropage in uprobe_write_opcode() (CVE-2025-21881 bsc#1240185)
- commit f4218b4
- firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle (bsc#1238467)
- commit 1cd86ca
- scsi: target: tcmu: Fix possible page UAF (CVE-2022-49053
bsc#1237918).
- commit beef048
- mm/khugepaged: fix ->anon_vma race (CVE-2023-52935 bsc#1240276).
- commit a534f8f
- usbnet: gl620a: fix endpoint checking in genelink_bind()
(bsc#1240172 CVE-2025-21877).
- commit 4ca0b45
- Refresh
patches.suse/ipv4-use-RCU-protection-in-ip_dst_mtu_maybe_forward.patch.
- commit 22f6eba
- netem: Update sch->q.qlen before qdisc_tree_reduce_backlog()
(git-fixes CVE-2025-21703 bsc#1237313).
- commit cbd2039
- net: sfp: fix memory leak in sfp_probe() (CVE-2022-49619 bsc#1239003)
- commit 04c9c14
- net: tipc: fix possible refcount leak in tipc_sk_create() (CVE-2022-49620 bsc#1239002)
- commit 73f1781
- team: prevent adding a device which is already a team device lower (CVE-2024-58071 bsc#1238970)
- commit 850cca8
- tcp: tcp_rtx_synack() can be called from process context
(CVE-2022-49372 bsc#1238251).
- commit 2b7ccd1
- af_unix: Fix a data-race in unix_dgram_peer_wake_me()
(CVE-2022-49344 bsc#1237988).
- commit 906cfb9
- net/sched: netem: account for backlog updates from child qdisc
(CVE-2024-56770 bsc#1235637).
- net/smc: fix LGR and link use-after-free issue (CVE-2024-56640
bsc#1235436).
- netlink: terminate outstanding dump on socket close
(CVE-2024-53140 bsc#1234222).
- commit fa3efff
- net: mana: Support holes in device list reply msg (bsc#1240133).
- ipvlan: ensure network headers are in skb linear part
(CVE-2025-21891 bsc#1240186).
- bnxt: Do not read past the end of test names (CVE-2023-53010
bsc#1240290).
- net: mdio: validate parameter addr in mdiobus_get_phy()
(CVE-2023-53019 bsc#1240286).
- commit 44816a5
- wifi: brcmfmac: Check the count value of channel spec to
prevent out-of-bounds reads (CVE-2022-49740 bsc#1240233).
- commit 0c49112
- Update
patches.suse/ibmvnic-Don-t-reference-skb-after-sending-to-VIOS.patch
(CVE-2025-21858 bsc#1239468 CVE-2025-21855 bsc#1239484).
- commit f98b7e1
- Update
patches.suse/media-cx24116-prevent-overflows-on-SNR-calculus.patch
(CVE-2024-50290 bsc#1233479 bsc#1225742).
- Update
patches.suse/media-dvbdev-prevent-the-risk-of-out-of-memory-acces.patch
(CVE-2024-53063 bsc#1233557 bsc#1225742).
- commit 3bb8dac
- Update
patches.suse/HID-betop-check-shape-of-output-reports.patch
(git-fixes bsc#1207186 CVE-2023-53015 bsc#1240288).
- Update
patches.suse/Squashfs-fix-handling-and-sanity-checking-of-xattr_i.patch
(git-fixes CVE-2023-52933 bsc#1240275).
- Update
patches.suse/bpf-Fix-pointer-leak-due-to-insufficient-speculative.patch
(bsc#1231375 CVE-2023-53024 bsc#1240272).
- Update
patches.suse/cifs-Fix-oops-due-to-uncleared-server-smbd_conn-in-reconnect.patch
(bsc#1190317 CVE-2023-53006 bsc#1240208).
- Update
patches.suse/cifs-fix-potential-memory-leaks-in-session-setup.patch
(bsc#1190317 CVE-2023-53008 bsc#1240318).
- Update
patches.suse/netlink-prevent-potential-spectre-v1-gadgets.patch
(bsc#1209547 CVE-2017-5753 CVE-2023-53000 bsc#1240227).
- Update
patches.suse/powerpc-imc-pmu-Fix-use-of-mutex-in-IRQs-disabled-se.patch
(bsc#1054914 fate#322448 git-fixes CVE-2023-53031 bsc#1240285).
- Update
patches.suse/scsi-iscsi_tcp-Fix-UAF-during-login-when-accessing-the-shost-ipaddress.patch
(bsc#1210647 CVE-2023-2162 CVE-2023-52974 bsc#1240213).
- Update
patches.suse/squashfs-harden-sanity-check-in-squashfs_read_xattr_.patch
(git-fixes CVE-2023-52979 bsc#1240282).
- Update
patches.suse/tracing-Make-sure-trace_printk-can-output-as-soon-as-it-can-be-used.patch
(git-fixes CVE-2023-53007 bsc#1240229).
- Update
patches.suse/vc_screen-move-load-of-struct-vc_data-pointer-in-vcs.patch
(bsc#1213167 CVE-2023-3567 CVE-2023-52973 bsc#1240218).
- commit 5c75cc8
- Update
patches.suse/cpufreq-governor-Use-kobject-release-method-to-free-dbs_data.patch
(bsc#1237800 CVE-2022-49513).
- commit d961554
- um: Fix out-of-bounds read in LDT setup (CVE-2022-49395 bsc#1237953)
- commit 9b1534c
- firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle (CVE-2022-49370 bsc#1238467)
- commit 56fb9f5
- ipw2x00: Fix potential NULL dereference in libipw_xmit() (CVE-2022-49544 bsc#1238721)
- commit b1c6aa1
- tee: optee: Fix supplicant wait loop (CVE-2025-21871
bsc#1240183).
- commit dd819c0
- team: add ethtool get_link_ksettings (bsc#1228909).
- commit 29a7164
- Refresh
patches.suse/net-remove-two-BUG-from-skb_checksum_help.patch.
- commit f154628
- cpufreq: governor: Use kobject release() method to free dbs_data
(bsc#1237800).
- dbs_data kABI workaround (bsc#1237800 CVE-2022-49513).
- commit 1891c97
- cpufreq: Move to_gov_attr_set() to cpufreq.h (bsc#1237800
CVE-2022-49513).
- commit af55b29
- net: usb: usbnet: restore usb%d name exception for local mac
addresses (bsc#1234480).
- commit c9b9e0d
- scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req() (CVE-2022-49119 bsc#1237925)
- commit 3b2e4a3
- scsi: pm8001: Fix task leak in pm8001_send_abort_all() (CVE-2022-49120 bsc#1237969)
- commit 5941b1a
- RDMA/hfi1: Prevent use of lock before it is initialized (CVE-2022-49433 bsc#1238268)
- commit 6b108b0
- drm/msm/hdmi: check return value after calling
platform_get_resource_byname() (CVE-2022-49495 bsc#1237932).
- commit 250e248
- ipv6: mcast: extend RCU protection in igmp6_send()
(CVE-2025-21759 bsc#1238738).
- commit de67669
- ndisc: extend RCU protection in ndisc_send_skb() (CVE-2025-21760
bsc#1238763).
- commit bbd5bed
- vrf: use RCU protection in l3mdev_l3_out() (CVE-2025-21791
bsc#1238512).
- commit 67aac47
- arp: use RCU protection in arp_xmit() (CVE-2025-21762
bsc#1238780).
- commit 86c524f
- neighbour: use RCU protection in __neigh_notify()
(CVE-2025-21763 bsc#1237897).
- commit d195b5b
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- commit f3d8410
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu()
(bsc#1239994).
- commit 794c7eb
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- commit 81adbde
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- commit 86dda00
- ipv6: use RCU protection in ip6_default_advmss() (CVE-2025-21765
bsc#1237906).
- commit 00b5f63
- ipv4: use RCU protection in __ip_rt_update_pmtu()
(CVE-2025-21766 bsc#1238754).
- commit ae267d9
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- commit 442e2c4
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- commit 6439cd7
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward()
(bsc#1239994).
- commit 6b0f168
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- commit fc7ba98
- net: add dev_net_rcu() helper (bsc#1239994).
- commit 51827b8
- net: treat possible_net_t net pointer as an RCU one and add
read_pnet_rcu() (bsc#1239994).
- commit a3369f3
- drm/amdgpu: Fix potential NULL pointer dereference in
atomctrl_get_smc_sclk_range_table (CVE-2024-58052 bsc#1238986).
- commit 9320da0
- KVM: Explicitly verify target vCPU is online in kvm_get_vcpu()
(CVE-2024-58083 bsc#1239036).
- commit 22cf047
- nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (CVE-2025-21848
bsc#1239479).
- commit 55016a1
- igc: Reinstate IGC_REMOVED logic and implement it properly
(CVE-2022-49605 bsc#1238433).
- commit 5af1e50
- net: dsa: mv88e6xxx: Fix refcount leak in
mv88e6xxx_mdios_register (CVE-2022-49367 bsc#1238447).
- commit 3ebb662
- net: tun: unlink NAPI from device on destruction (CVE-2022-49672
bsc#1238816).
- commit e432fa1
- kABI fix for tcp: properly terminate timers for kernel sockets
(CVE-2024-35910 bsc#1224489).
- commit 03a709f
- ip: Fix data-races around sysctl_ip_prot_sock. (CVE-2022-49578 bsc#1238794)
- commit 55c2c0e
- kABI fix for mptcp: add sk_stop_timer_sync helper
(CVE-2024-35910 bsc#1224489).
- commit d3152b9
- mptcp: add sk_stop_timer_sync helper (CVE-2024-35910
bsc#1224489).
- Refresh patches.suse/net-add-sock_init_data_uid.patch.
- commit b72feae
- net: remove two BUG() from skb_checksum_help() (CVE-2022-49497
bsc#1238946).
- commit 243b7fc
- net: bonding: fix use-after-free after 802.3ad slave unbind (CVE-2022-49667 bsc#1238282)
- commit bd21be6
- wifi: mac80211: fix use-after-free in chanctx code (CVE-2022-49416 bsc#1238293)
- commit 40d129d
- bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove() (CVE-2022-49711 bsc#1238416)
- commit 1048344
- media: pci: cx23885: Fix the error handling in cx23885_initdev() (CVE-2022-49524 bsc#1238949)
- commit 45001c2
- NFC: NULL out the dev->rfkill to prevent UAF (CVE-2022-49505 bsc#1238615)
- commit 8dd4c4d
- kABI: protect mr_ifc_count change (CVE-2022-49589 bsc#1238598).
- igmp: Fix data-races around sysctl_igmp_qrv (CVE-2022-49589
bsc#1238598).
- net: igmp: increase size of mr_ifc_count (CVE-2022-49589
bsc#1238598).
- net: igmp: fix data-race in igmp_ifc_timer_expire()
(CVE-2022-49589 bsc#1238598).
- commit 3efb324
- i2c: dev: check return value when calling dev_set_name() (CVE-2022-49046 bsc#1237842)
- commit de84566
- btrfs: fix qgroup reserve overflow the qgroup limit
(CVE-2022-49075 bsc#1237733).
- commit bf9031a
- ceph: fix inode reference leakage in ceph_get_snapdir() (CVE-2022-49109 bsc#1237836)
- commit d418afc
- ceph: fix up error handling with snapdirs (bsc#1237836)
- commit f7001b0
- ubi: ubi_create_volume: Fix use-after-free when volume creation failed (CVE-2022-49388 bsc#1237934)
- commit 0d5c203
- ceph: fix memory leak in ceph_readdir when note_last_dentry returns error (CVE-2022-49107 bsc#1237973)
- commit 40beec1
- ila: serialize calls to nf_register_net_hooks() (CVE-2024-57900
bsc#1235973).
- commit d69423e
- tcp: properly terminate timers for kernel sockets
(CVE-2024-35910 bsc#1224489).
- commit 5ce5df8
- ACPI: PAD: fix crash in exit_round_robin() (bsc#1232370
CVE-2024-49935).
- commit e03632e
- Update
patches.suse/netfilter-nf_tables-initialize-registers-in-nft_do_c.patch
(CVE-2022-1016 bsc#1197227 CVE-2022-49293 bsc#1239454).
- commit cedf6cd
- fbdev: omap: use threaded IRQ for LCD DMA (bsc#1239174 CVE-2025-21821)
- commit f159c1f
- drm/amd/pm: fix double free in si_parse_power_table() (bsc#1238944 CVE-2022-49530)
- commit dfebfa5
- net: phy: micrel: Allow probing without .driver_data
(CVE-2022-49472 bsc#1238951).
- ice: always check VF VSI pointer values (CVE-2022-49516
bsc#1238953).
- commit f9c1961
- geneve: Suppress list corruption splat in
geneve_destroy_tunnels() (CVE-2025-21858 bsc#1239468).
- gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl()
(CVE-2025-21865 bsc#1239481).
- ibmvnic: Don't reference skb after sending to VIOS
(CVE-2025-21858 bsc#1239468).
- geneve: Fix use-after-free in geneve_find_dev() (CVE-2025-21858
bsc#1239468).
- commit 7c11337
- net: fix SO_REUSEPORT return code (bsc#1239448)
- commit 3c526b1
- nfsd: clear acl_access/acl_default after releasing them
(bsc#1238716 CVE-2025-21796).
- commit d1c11c1
- acct: perform last write from workqueue (CVE-2025-21846
bsc#1239508).
- commit 5fc1617
- irqchip/gic-v3: Fix GICR_CTLR.RWP polling (git-fixes
CVE-2022-49074 bsc#1237728).
- commit 9f6dc13
- media: staging: media: zoran: calculate the right buffer number
for zoran_reap_stat_com (CVE-2021-47645 bsc#1237767).
- commit eab4973
- PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1
(CVE-2025-21831 bsc#1239039).
- commit 10f73c4
- net/smc: check iparea_offset and ipv6_prefixes_cnt when
receiving proposal msg (CVE-2024-49571 bsc#1235733).
- commit ef9a771
- kABI fix for l2tp: prevent possible tunnel refcount underflow
(CVE-2024-49940 bsc#1232812).
Upstream commit 24256415d186 ("l2tp: prevent possible tunnel
refcount underflow") changed the API of `l2tp_session_set_header_len()`
and this patch re-introduces the API in that version.
- commit 803eb4b
- l2tp: prevent possible tunnel refcount underflow (CVE-2024-49940
bsc#1232812).
- commit 377601f
- drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock (bsc#1238600 CVE-2022-49488)
- commit b961f00
- bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is
full (bsc#1238252 CVE-2022-49209).
- commit aeb9c23
- scripts: fix incorrect regex escape
With Tumbleweed's recent switch to Python 3.13 I noticed
several syntax warnings related to regex:
.../scripts/python/suse_git/patch.py:57: SyntaxWarning: invalid escape sequence '\*'
break_matcher = re.compile(b"(---|\*\*\*|Index:)[ \t][^ \t]|^diff -")
.../scripts/python/git_sort/git_sort.py:490: SyntaxWarning: invalid escape sequence '\.'
version_match = re.compile("refs/tags/v(2\.6\.\d+|\d\.\d+)(-rc\d+)?$")
.../scripts/python/git_sort/git_sort.py:578: SyntaxWarning: invalid escape sequence '\.'
m = re.search("v([0-9]+)\.([0-9]+)(|-rc([0-9]+))$", tags[-1])
Fix them by using raw string/byte literal instead.
Link: https://docs.python.org/3/reference/lexical_analysis.html#string-and-bytes-literals
- commit 74871be
- netpoll: Fix race condition in netpoll_owner_active
(CVE-2024-41005 bsc#1227858).
- net: make sure napi_list is safe for RCU traversal
(CVE-2024-41005 bsc#1227858).
- commit b55492f
- net: usb: aqc111: Fix out-of-bounds accesses in RX fixup
(bsc#1237903 CVE-2022-49051).
- commit eb6ef6f
- usb: musb: sunxi: Fix accessing an released usb phy (bsc#1233458
CVE-2024-50269).
- commit 14a906c
- USB: hub: Ignore non-compliant devices with too many configs
or interfaces (bsc#1238909 CVE-2025-21776).
- commit 6d1cc77
- net: usb: rtl8150: enable basic endpoint checking (bsc#1239087
CVE-2025-21708).
- commit 582b035
- Refresh
patches.suse/net-smc-fix-kernel-panic-caused-by-race-of-smc_sock.patch.
- commit 89c4c51
- ALSA: usb-audio: Cancel pending work at closing a MIDI substream
(CVE-2022-49545 bsc#1238729).
- commit c5aef00
- net_sched: sch_sfq: don't allow 1 packet limit (CVE-2024-57996
bsc#1239076).
- commit 30f09ff
- wifi: brcmfmac: fix NULL pointer dereference in
brcmf_txfinalize() (CVE-2025-21744 bsc#1238903).
- commit af88382
- Update
patches.suse/0006-dm-raid-fix-accesses-beyond-end-of-raid-member-array.patch
(git-fixes CVE-2022-49674 bsc#1239041).
- Update
patches.suse/0013-block-don-t-delete-queue-kobject-before-its-children.patch
(git-fixes CVE-2022-49259 bsc#1238413).
- Update
patches.suse/0013-dm-mirror-log-round-up-region-bitmap-size-to-BITS_PE.patch
(git-fixes CVE-2022-49710 bsc#1238417).
- Update
patches.suse/0015-bfq-Update-cgroup-information-before-merging-bio.patch
(git-fixes CVE-2022-49413 bsc#1238710).
- Update
patches.suse/0074-dm-ioctl-prevent-potential-spectre-v1-gadget.patch
(git-fixes CVE-2022-49122 bsc#1237983).
- Update
patches.suse/0077-nbd-call-genl_unregister_family-first-in-nbd_cleanup.patch
(git-fixes CVE-2022-49295 bsc#1238707).
- Update
patches.suse/0078-nbd-fix-race-between-nbd_alloc_config-and-module-removal.patch
(git-fixes CVE-2022-49300 bsc#1238183).
- Update
patches.suse/0079-nbd-fix-io-hung-while-disconnecting-device.patch
(git-fixes CVE-2022-49297 bsc#1238469).
- Update
patches.suse/ALSA-pcm-Fix-potential-AB-BA-lock-with-buffer_mutex-.patch
(CVE-2022-1048 bsc#1197331 CVE-2022-49272 bsc#1238272).
- Update
patches.suse/ALSA-pcm-Fix-races-among-concurrent-hw_params-and-hw.patch
(CVE-2022-1048 bsc#1197331 CVE-2022-49291 bsc#1238705).
- Update
patches.suse/ALSA-pcm-Fix-races-among-concurrent-prealloc-proc-wr.patch
(CVE-2022-1048 bsc#1197331 CVE-2022-49288 bsc#1238271).
- Update
patches.suse/ALSA-pcm-oss-Fix-race-at-SNDCTL_DSP_SYNC.patch
(CVE-2022-3303 bsc#1203769 CVE-2022-49733 bsc#1238454).
- Update
patches.suse/Bluetooth-hci_qca-Use-del_timer_sync-before-freeing.patch
(git-fixes CVE-2022-49555 bsc#1238231).
- Update
patches.suse/NFSD-prevent-underflow-in-nfssvc_decode_writeargs.patch
(git-fixes CVE-2022-49280 bsc#1238630).
- Update
patches.suse/PCI-Avoid-pci_dev_lock-AB-BA-deadlock-with-sriov_num.patch
(git-fixes CVE-2022-49434 bsc#1238916).
- Update
patches.suse/RDMA-hfi1-Prevent-panic-when-SDMA-is-disabled.patch
(git-fixes CVE-2022-49429 bsc#1238889).
- Update
patches.suse/SUNRPC-Fix-the-svc_deferred_event-trace-class.patch
(git-fixes CVE-2022-49065 bsc#1237739).
- Update
patches.suse/bpf-sockmap-Fix-more-uncharged-while-msg-has-more_da.patch
(bsc#1235485 CVE-2024-56633 CVE-2022-49204 bsc#1238240).
- Update
patches.suse/cgroup-Use-separate-src-dst-nodes-when-preloading-css_sets-for-migration.patch
(bsc#1201610 CVE-2022-49647 bsc#1238805).
- Update patches.suse/cifs-fix-handlecache-and-multiuser.patch
(bsc#1190317 CVE-2022-49281 bsc#1238635).
- Update
patches.suse/cifs-potential-buffer-overflow-in-handling-symlinks.patch
(bsc#1190317 CVE-2022-49058 bsc#1237814).
- Update
patches.suse/cifs-prevent-bad-output-lengths-in-smb2_ioctl_query_info-.patch
(bsc#1190317 CVE-2022-49271 bsc#1238626).
- Update patches.suse/crypto-qat-fix-memory-leak-in-RSA.patch
(git-fixes CVE-2022-49566 bsc#1238266).
- Update patches.suse/dlm-fix-plock-invalid-read.patch (git-fixes
CVE-2022-49407 bsc#1238180).
- Update
patches.suse/dm-raid-fix-KASAN-warning-in-raid5_add_disks.patch
(git-fixes CVE-2022-49673 bsc#1238933).
- Update
patches.suse/drbd-Fix-five-use-after-free-bugs-in-get_initial_state
(git-fixes CVE-2022-49085 bsc#1238036).
- Update
patches.suse/drivers-usb-host-Fix-deadlock-in-oxu_bus_suspend.patch
(git-fixes CVE-2022-49313 bsc#1238633).
- Update
patches.suse/drm-virtio-fix-NULL-pointer-dereference-in-virtio_gp.patch
(git-fixes CVE-2022-49532 bsc#1238925).
- Update
patches.suse/exec-Force-single-empty-string-when-argv-is-empty.patch
(bsc#1200571 CVE-2022-49264 bsc#1237815).
- Update patches.suse/ext4-add-reserved-GDT-blocks-check.patch
(bsc#1202712 CVE-2022-49707 bsc#1239035).
- Update patches.suse/ext4-avoid-cycles-in-directory-h-tree.patch
(bsc#1198577 CVE-2022-1184 CVE-2022-49343 bsc#1238382).
- Update patches.suse/ext4-fix-bug_on-ext4_mb_use_inode_pa.patch
(bsc#1200810 CVE-2022-49708 bsc#1238599).
- Update patches.suse/ext4-fix-bug_on-in-__es_tree_search.patch
(bsc#1200809 CVE-2022-49409 bsc#1238279).
- Update patches.suse/ext4-fix-bug_on-in-ext4_writepages.patch
(bsc#1200872 CVE-2022-49347 bsc#1238393).
- Update
patches.suse/ext4-fix-race-condition-between-ext4_write-and-ext4_.patch
(bsc#1200807 CVE-2022-49414 bsc#1238623).
- Update
patches.suse/ext4-fix-use-after-free-in-ext4_rename_dir_prepare.patch
(bsc#1200871 CVE-2022-49349 bsc#1238372).
- Update patches.suse/icmp-Fix-data-races-around-sysctl.patch
(CVE-2024-47678 bsc#1231854 git-fixes CVE-2022-49638
bsc#1238613).
- Update
patches.suse/ixgbe-Add-locking-to-prevent-panic-when-setting-srio.patch
(git-fixes CVE-2022-49584 bsc#1237933).
- Update patches.suse/list-fix-a-data-race-around-ep-rdllist.patch
(git-fixes CVE-2022-49443 bsc#1238434).
- Update
patches.suse/md-bitmap-don-t-set-sb-values-if-can-t-pass-sanity-c.patch
(bsc#1197158 CVE-2022-49526 bsc#1238030).
- Update
patches.suse/module-fix-e_shstrndx-.sh_size-0-OOB-access.patch
(git-fixes CVE-2022-49444 bsc#1238127).
- Update
patches.suse/msft-hv-2556-Drivers-hv-vmbus-Fix-potential-crash-on-module-unloa.patch
(git-fixes CVE-2022-49098 bsc#1238079).
- Update
patches.suse/mxser-fix-xmit_buf-leak-in-activate-when-LSR-0xff.patch
(git-fixes CVE-2022-49191 bsc#1238133).
- Update
patches.suse/net-asix-add-proper-error-handling-of-usb-read-error.patch
(git-fixes CVE-2022-49226 bsc#1238336).
- Update
patches.suse/nvme-pci-fix-a-NULL-pointer-dereference-in-nvme_allo.patch
(git-fixes CVE-2022-49492 bsc#1238954).
- Update
patches.suse/ocfs2-dlmfs-fix-error-handling-of-user_dlm_destroy_l.patch
(git-fixes CVE-2022-49337 bsc#1238376).
- Update
patches.suse/powerpc-pseries-Fix-use-after-free-in-remove_phb_dyn.patch
(bsc#1065729 bsc#1198660 ltc#197803 CVE-2022-49196 bsc#1238274).
- Update
patches.suse/powerpc-tm-Fix-more-userspace-r13-corruption.patch
(bsc#1065729 CVE-2022-49164 bsc#1238108).
- Update
patches.suse/powerpc-xics-fix-refcount-leak-in-icp_opal_init.patch
(bsc#1065729 CVE-2022-49432 bsc#1238950).
- Update
patches.suse/powerpc-xive-Fix-refcount-leak-in-xive_spapr_init.patch
(fate#322438 git-fixes CVE-2022-49437 bsc#1238443).
- Update
patches.suse/powerpc-xive-spapr-correct-bitmap-allocation-size.patch
(fate#322438 git-fixes CVE-2022-49623 bsc#1239040).
- Update
patches.suse/scsi-libfc-Fix-use-after-free-in-fc_exch_abts_resp.patch
(git-fixes CVE-2022-49114 bsc#1238146).
- Update
patches.suse/scsi-lpfc-Address-NULL-pointer-dereference-after-sta.patch
(git-fixes CVE-2022-49332 bsc#1238236).
- Update
patches.suse/scsi-pm8001-Fix-abort-all-task-initialization
(git-fixes CVE-2022-49217 bsc#1238313).
- Update
patches.suse/scsi-qla2xxx-Fix-crash-during-module-load-unload-tes.patch
(bsc#1197661 CVE-2022-49160 bsc#1238172).
- Update
patches.suse/scsi-qla2xxx-Fix-premature-hw-access-after-PCI-error.patch
(bsc#1195823 CVE-2022-49157 bsc#1238169).
- Update
patches.suse/scsi-qla2xxx-Fix-scheduling-while-atomic.patch
(bsc#1195823 CVE-2022-49156 bsc#1238168).
- Update
patches.suse/scsi-qla2xxx-Fix-warning-message-due-to-adisc-being-.patch
(bsc#1195823 CVE-2022-49158 bsc#1238170).
- Update
patches.suse/scsi-qla2xxx-Implement-ref-count-for-SRB.patch
(bsc#1195823 CVE-2022-49159 bsc#1238171).
- Update
patches.suse/scsi-qla2xxx-Suppress-a-kernel-complaint-in-qla_crea.patch
(bsc#1195823 CVE-2022-49155 bsc#1237941).
- Update
patches.suse/scsi-zorro7xx-Fix-a-resource-leak-in-zorro7xx_remove_one
(git-fixes CVE-2022-49095 bsc#1237752).
- Update
patches.suse/tcp-fix-tcp_mtup_probe_success-vs-wrong-snd_cwnd.patch
(bsc#1218450 CVE-2022-49330 bsc#1238378).
- Update
patches.suse/tpm-fix-reference-counting-for-struct-tpm_chip.patch
(CVE-2022-2977 bsc#1202672 CVE-2022-49287 bsc#1238276).
- Update
patches.suse/tracing-Fix-sleeping-function-called-from-invalid-context-on-RT-kernel.patch
(git-fixes CVE-2022-49322 bsc#1238396).
- Update
patches.suse/usb-dwc2-Fix-memory-leak-in-dwc2_hcd_init.patch
(git-fixes CVE-2022-49713 bsc#1238419).
- Update
patches.suse/usb-usbip-fix-a-refcount-leak-in-stub_probe.patch
(git-fixes CVE-2022-49389 bsc#1238257).
- Update patches.suse/usbnet-fix-memory-leak-in-error-case.patch
(git-fixes CVE-2022-49657 bsc#1238269).
- Update
patches.suse/veth-Ensure-eth-header-is-in-skb-s-linear-part.patch
(git-fixes CVE-2022-49066 bsc#1237722).
- Update
patches.suse/video-fbdev-clcdfb-Fix-refcount-leak-in-clcdfb_of_vr.patch
(bsc#1129770 CVE-2022-49421 bsc#1238819).
- Update
patches.suse/virtio_console-eliminate-anonymous-module_init-modul.patch
(git-fixes CVE-2022-49100 bsc#1237735).
- Update
patches.suse/virtio_net-fix-xdp_rxq_info-bug-after-suspend-resume.patch
(git-fixes CVE-2022-49687 bsc#1238181).
- Update
patches.suse/x86-speculation-fill-rsb-on-vmexit-for-ibrs.patch
(bsc#1201726 CVE-2022-26373 CVE-2022-49611 bsc#1238618).
- Update
patches.suse/xen-netback-avoid-entering-xenvif_rx_next_skb-with-a.patch
(bsc#1201381 CVE-2022-49649 bsc#1238612).
- Update
patches.suse/xprtrdma-treat-all-calls-not-a-bcall-when-bc_serv-is.patch
(git-fixes CVE-2022-49321 bsc#1238373).
- commit c156b3c
- Update
patches.suse/0008-video-fbdev-smscufx-Fix-null-ptr-deref-in-ufx_usb_pr.patch
(bsc#1129770 CVE-2021-47652 bsc#1237721).
- Update
patches.suse/ath5k-fix-OOB-in-ath5k_eeprom_read_pcal_info_5111.patch
(git-fixes CVE-2021-47633 bsc#1237768).
- commit 9ae3067
- rdma/cxgb4: Prevent potential integer overflow on 32bit (CVE-2024-57973 bsc#1238531)
- commit dbbc8b2
- RDMA/hfi1: Fix potential integer multiplication overflow errors (CVE-2022-49404 bsc#1238430)
- commit 80a20e6
- nfc: nci: add flush_workqueue to prevent uaf (CVE-2022-49059 bsc#1238007)
- commit 305c681
- ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg (CVE-2022-49727 bsc#1239059)
- commit 7f3b150
- can: m_can: m_can_tx_handler(): fix use after free of skb (CVE-2022-49275 bsc#1238719)
- commit 1fdfcc6
- crypto: qat - add param check for DH (CVE-2022-49564 bsc#1238789)
- commit 7f4f28c
- crypto: qat - add param check for RSA (CVE-2022-49563 bsc#1238787)
- commit f87e665
- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (CVE-2024-58014 bsc#1239109)
- commit fe78d7b
- orangefs: fix a oob in orangefs_debug_write (git-fixes
bsc#1239117 CVE-2025-21782).
- commit 6a7a2b9
- ALSA: jack: Fix mutex call in snd_jack_report() (CVE-2022-49538
bsc#1238843).
- commit 0a9be43
- kABI workaround for snd_jack.input_dev_lock field
(CVE-2022-49538 bsc#1238843).
- commit 0decf9d
- ALSA: jack: Access input_dev under mutex (CVE-2022-49538
bsc#1238843).
- ath10k: skip ath10k_halt during suspend for driver state
RESTARTING (CVE-2022-49519 bsc#1238943).
- commit b758634
- extcon: Modify extcon device to be created after driver data
is set (CVE-2022-49308 bsc#1238654).
- commit bb2d5d7
- ALSA: oss: Fix PCM OSS buffer allocation overflow
(CVE-2022-49292 bsc#1238625).
- commit 05f3e03
- wifi: rtlwifi: remove unused check_buddy_priv (CVE-2024-58072
bsc#1238964).
- commit ca6cdaf
- perf/core: Fix data race between perf_event_set_output()
and perf_mmap_close() (CVE-2022-49607 bsc#1238817).
- commit 7d0651a
- kABI workaround for pps changes (CVE-2024-57979 bsc#1238521).
- commit ecc73ae
- pps: Fix a use-after-free (CVE-2024-57979 bsc#1238521).
- commit 5e01f6b
- net: hns3: fix oops when unload drivers paralleling
(CVE-2025-21802 bsc#1238751).
- be2net: Fix buffer overflow in be_get_module_eeprom
(CVE-2022-49581 bsc#1238540).
- commit f8f5e83
- tpm: use try_get_ops() in tpm-space.c (CVE-2022-49286
bsc#1238647).
- commit 0f153ea
- ipvs: fix UB due to uninitialized stack access in
ip_vs_protocol_init() (CVE-2024-53680 bsc#1235715).
- commit 8dac11a
- kABI workaround for bluetooth hci_conn struct change
(CVE-2024-36968 bsc#1226130).
- commit be09290
- Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()
(CVE-2024-36968 bsc#1226130).
- commit 930b6c7
- scsi: qedf: Ensure the copied buf is NUL terminated
(CVE-2024-38559 bsc#1226785).
- commit 15b9d87
- libxslt
-
- Security fixes:
* Fix use-after-free of XPath context node [bsc#1239625, CVE-2025-24855]
* Fix UAF related to excluded namespaces [bsc#1239637, CVE-2024-55549]
* Add patches:
- libxslt-CVE-2024-55549.patch
- libxslt-CVE-2025-24855.patch
- expat
-
- version update to 2.7.1 for SLE-12
- modified sources
% expatfaq.html
- deleted patches
- config-guess-sub-update.patch (upstreamed)
- expat-2.1.0-CVE-2016-9063.patch (upstreamed)
- expat-2.1.0-heap_buffer_overflow.patch (upstreamed)
- expat-2.1.0-parser_crashes_on_malformed_input.patch (upstreamed)
- expat-2.1.1-CVE-2012-6702.patch (upstreamed)
- expat-CVE-2017-9233.patch (upstreamed)
- expat-CVE-2018-20843.patch (upstreamed)
- expat-CVE-2019-15903-tests.patch (upstreamed)
- expat-CVE-2019-15903.patch (upstreamed)
- expat-CVE-2021-45960.patch (upstreamed)
- expat-CVE-2021-46143.patch (upstreamed)
- expat-CVE-2022-22822.patch (upstreamed)
- expat-CVE-2022-22823.patch (upstreamed)
- expat-CVE-2022-22824.patch (upstreamed)
- expat-CVE-2022-22825.patch (upstreamed)
- expat-CVE-2022-22826.patch (upstreamed)
- expat-CVE-2022-22827.patch (upstreamed)
- expat-CVE-2022-23852.patch (upstreamed)
- expat-CVE-2022-23990.patch (upstreamed)
- expat-CVE-2022-25235.patch (upstreamed)
- expat-CVE-2022-25236-relax-fix.patch (upstreamed)
- expat-CVE-2022-25236.patch (upstreamed)
- expat-CVE-2022-25313-fix-regression.patch (upstreamed)
- expat-CVE-2022-25313.patch (upstreamed)
- expat-CVE-2022-25314-before.patch (upstreamed)
- expat-CVE-2022-25314.patch (upstreamed)
- expat-CVE-2022-25315.patch (upstreamed)
- expat-CVE-2022-40674.patch (upstreamed)
- expat-CVE-2022-43680.patch (upstreamed)
- expat-CVE-2023-52425-1.patch (upstreamed)
- expat-CVE-2023-52425-2.patch (upstreamed)
- expat-CVE-2023-52425-backport-parser-changes.patch (upstreamed)
- expat-CVE-2023-52425-fix-tests.patch (upstreamed)
- expat-CVE-2024-45490.patch (upstreamed)
- expat-CVE-2024-45491.patch (upstreamed)
- expat-CVE-2024-45492.patch (upstreamed)
- expat-CVE-2024-50602.patch (upstreamed)
- expat-alloc-size.patch (upstreamed)
- expat-visibility.patch (upstreamed)
- version update to 2.7.1
Bug fixes:
[#980] #989 Restore event pointer behavior from Expat 2.6.4
(that the fix to CVE-2024-8176 changed in 2.7.0);
affected API functions are:
- XML_GetCurrentByteCount
- XML_GetCurrentByteIndex
- XML_GetCurrentColumnNumber
- XML_GetCurrentLineNumber
- XML_GetInputContext
Other changes:
[#976] #977 Autotools: Integrate files "fuzz/xml_lpm_fuzzer.{cpp,proto}"
with Automake that were missing from 2.7.0 release tarballs
[#983] #984 Fix printf format specifiers for 32bit Emscripten
[#992] docs: Promote OpenSSF Best Practices self-certification
[#978] tests/benchmark: Resolve mistaken double close
[#986] Address compiler warnings
[#990] #993 Version info bumped from 11:1:10 (libexpat*.so.1.10.1)
to 11:2:10 (libexpat*.so.1.10.2); see https://verbump.de/
for what these numbers do
Infrastructure:
[#982] CI: Start running Perl XML::Parser integration tests
[#987] CI: Enforce Clang Static Analyzer clean code
[#991] CI: Re-enable warning clang-analyzer-valist.Uninitialized
for clang-tidy
[#981] CI: Cover compilation with musl
[#983] #984 CI: Cover compilation with 32bit Emscripten
[#976] #977 CI: Protect against fuzzer files missing from future
release archives
- version update to 2.7.0 (CVE-2024-8176 [bsc#1239618])
* Security fixes:
[#893] #973 CVE-2024-8176 -- Fix crash from chaining a large number
of entities caused by stack overflow by resolving use of
recursion, for all three uses of entities:
- general entities in character data ("<e>&g1;</e>")
- general entities in attribute values ("<e k1='&g1;'/>")
- parameter entities ("%p1;")
Known impact is (reliable and easy) denial of service:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C
(Base Score: 7.5, Temporal Score: 7.2)
Please note that a layer of compression around XML can
significantly reduce the minimum attack payload size.
* Other changes:
[#935] #937 Autotools: Make generated CMake files look for
libexpat.@SO_MAJOR@.dylib on macOS
[#925] Autotools: Sync CMake templates with CMake 3.29
[#945] #962 #966 CMake: Drop support for CMake <3.13
[#942] CMake: Small fuzzing related improvements
[#921] docs: Add missing documentation of error code
XML_ERROR_NOT_STARTED that was introduced with 2.6.4
[#941] docs: Document need for C++11 compiler for use from C++
[#959] tests/benchmark: Fix a (harmless) TOCTTOU
[#944] Windows: Fix installer target location of file xmlwf.xml
for CMake
[#953] Windows: Address warning -Wunknown-warning-option
about -Wno-pedantic-ms-format from LLVM MinGW
[#971] Address Cppcheck warnings
[#969] #970 Mass-migrate links from http:// to https://
[#947] #958 ..
[#974] #975 Document changes since the previous release
[#974] #975 Version info bumped from 11:0:10 (libexpat*.so.1.10.0)
to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/
for what these numbers do
- no source changes, just adding jira reference: jsc#SLE-21253
- iputils
-
- Security fix [bsc#1242300, CVE-2025-47268]
* integer overflow in RTT calculation can lead to undefined behavior
* Add iputils-CVE-2025-47268.patch
- ca-certificates-mozilla
-
- Fix awk to compare (missing a =) and give the following output:
[#] NSS_BUILTINS_LIBRARY_VERSION "2.74"
- pass file argument to awk (bsc#1240009)
- update to 2.74 state of Mozilla SSL root CAs:
Removed:
* SwissSign Silver CA - G2
Added:
* D-TRUST BR Root CA 2 2023
* D-TRUST EV Root CA 2 2023
- remove extensive signature printing in comments of the cert
bundle
- Define two macros to break a build cycle with p11-kit.
- Updated to 2.72 state of Mozilla SSL root CAs (bsc#1234798)
Removed:
- SecureSign RootCA11
- Security Communication RootCA3
Added:
- TWCA CYBER Root CA
- TWCA Global Root CA G2
- SecureSign Root CA12
- SecureSign Root CA14
- SecureSign Root CA15
- google-guest-configs
-
- Check that %{_sysconfdir}/sysconfig/network/ifcfg-eth0 actually
exists before making any modifications to it (bsc#1241112)
- apparmor
-
- Add dac_read_search capability for unix_chkpwd to allow it to read the shadow
file even if it has 000 permissions. This is needed after the CVE-2024-10041
fix in PAM.
* unix-chkpwd-add-read-capability.path, bsc#1241678
- Adapt the allow-pam_unix-to-execute-unix_chkpwd.patch for SLE12.
(bsc#1241876)
- Remove revert-abi-change-for-unix_chkpwd.patch
- Allow pam_unix to execute unix_chkpwd with abi/3.0
- remove dovecot-unix_chkpwd.diff
- Add allow-pam_unix-to-execute-unix_chkpwd.patch
- Add revert-abi-change-for-unix_chkpwd.patch
(bsc#1234452, bsc#1232234)
- Update profile usr.lib.dovecot.auth and add dovecot-unix_chkpwd.diff
to allow dovecot-auth to execute unix_chkpwd, and add a profile for
unix_chkpwd. This is needed for PAM with CVE-2024-10041 (bsc#1234452)
- openssh
-
- Add openssh-bsc1232533-big-motd-failure.patch (bsc#1232533),
fixing failures with very large MOTDs. Thanks to Ali Abdallah
<ali.abdallah@suse.com>.
- python3
-
- Update CVE-2024-11168-validation-IPv6-addrs.patch
according to the Debian version
(gh#python/cpython#103848#issuecomment-2708135083).
- sqlite3
-
- Sync version 3.49.1 from Factory (jsc#SLE-16032):
* CVE-2025-29087, bsc#1241020: Fix a bug in the concat_ws()
function, introduced in version 3.44.0, that could lead to a
memory error if the separator string is very large (hundreds
of megabytes).
* CVE-2025-29088, bsc#1241078: Enhanced the
SQLITE_DBCONFIG_LOOKASIDE interface to make it more robust
against misuse.
* Obsoletes sqlite3-rtree-i686.patch
- pam-config
-
- Stop adding pam_env in AUTH stack, and be sure to put this module at the
very end of the SESSION stack.
[bsc#1243226, CVE-2025-6018, remove-pam_env-from-auth-stack.patch]
- systemd
-
- Add the following patches (bsc#1241079 bsc#1241586)
6004-core-rename-queued_message-pending_reload_message.patch
6005-core-when-we-can-t-send-the-pending-reload-message-s.patch
6006-core-make-sure-we-don-t-throttle-change-signal-gener.patch
- Import commit 866467ea64074193d226d09a3779c1ff0bec63b0
2aee6d7daf basic/hashmap: add cleanup of memory pools (#7164)
908ac43c61 core: add valgrind helper for daemon-reexec
5357cabb02 sd-bus: fix a memory leak in message_new_reply() (#7636)
db07d03e46 sd-bus: unify three code-paths which free struct bus_container
732f02acb0 bus-message: use structured initialization to avoid use of unitialized memory
- Add 6002-sd-bus-add-APIs-to-query-the-current-read-and-write-.patch and
6003-core-don-t-process-dbus-unit-and-job-queue-when-ther.patch (bsc#1231211 bsc#1231211)
- Don't try to restart the udev socket units anymore (bsc#1228809)
There's currently no way to restart a socket activable service and its socket
units "atomically" and safely.
- wget
-
- Drop support for shorthand URLs
* Breaking change to fix CVE-2024-10524.
[+ drop-support-for-shorthand-URLs.patch, bsc#1233773]
- timezone
-
- Update to 2025b:
* New zone for Aysén Region in Chile (America/Coyhaique) which
moves from -04/-03 to -03
- Refresh patches
* revert-philippines-historical-data.patch
* tzdata-china.diff
- python36
-
- Update CVE-2024-11168-validation-IPv6-addrs.patch
according to the Debian version
(gh#python/cpython#103848#issuecomment-2708135083).
- augeas
-
- Add patch, fix for bsc#1239909 / CVE-2025-2588:
* CVE-2025-2588.patch
- cloud-regionsrv-client
-
- Update version to 10.4.0
+ Remove repositories when the package is being removed
We do not want to leave repositories behind referring to the plugin that
is being removed when the package gets removed (bsc#1240310, bsc#1240311)
+ Turn docker into an optional setup (jsc#PCT-560)
Change the Requires into a Recommends and adapt the code accordingly
+ Support flexible licenses in GCE (jsc#PCT-531)
+ Drop the azure-addon package; it is getting replaced by the
license-watcher package which has a generic implementation of the
same functionality.
+ Handle cache inconsistencies (bsc#1218345)
+ Properly handle the zypper root target argument (bsc#1240997)
- suse-build-key
-
- add and run an import-suse-build-key script, which will be run
after installation using a systemd timer. (jsc#PED-2777)
- libzypp
-
- Do not double encode URL strings passed on the commandline
(bsc#1237587)
URLs passed on the commandline must have their special chars
encoded already. We just want to check and encode forgotten
unsafe chars like a blank. A '%' however must not be encoded
again.
- version 16.22.16 (0)
- pam
-
- pam_namespace: convert functions that may operate on a user-controlled path
to operate on file descriptors instead of absolute paths. And keep the
bind-mount protection from protect_mount() as a defense-in-depth measure.
[bsc#1244509
pam_inline-introduce-pam_asprintf-pam_snprintf-and-p.patch,
pam_namespace-fix-potential-privilege-escalation.patch,
pam_namespace-add-flags-to-indicate-path-safety.patch,
pam_namespace-secure_opendir-do-not-look-at-the-grou.patch]
- pam_namespace-fix-potential-privilege-escalation.patch adapted and includes
changes from upstream commits: ds6242a, bc856cd.
* pam_namespace fix logic in return value handling
* pam_namespace move functions around
- pam_env: Change the default to not read the user .pam_environment file
[bsc#1243226, CVE-2025-6018,
pam_env-change-the-default-to-not-read-the-user-env.patch]
- pam_unix/passverify: (get_account_info) [!HELPER_COMPILE]: Always return
PAM_UNIX_RUN_HELPER instead of trying to obtain the shadow password file
entry.
[passverify-always-run-the-helper-to-obtain-shadow-pwd.patch, bsc#1232234,
CVE-2024-10041]
- Do not reject the user with a hash assuming it's non-empty.
[pam_unix-allow-empty-passwords-with-non-empty-hashes.patch]
- vim
-
- Introduce patch to fix bsc#1235751 (regression).
* vim-9.1.1134-revert-putty-terminal-colors.patch
- Update to 9.1.1176. Changes:
* 9.1.1176: wrong indent when expanding multiple lines
* 9.1.1175: inconsistent behaviour with exclusive selection and motion commands
* 9.1.1174: tests: Test_complete_cmdline() may fail
* 9.1.1173: filetype: ABNF files are not detected
* 9.1.1172: [security]: overflow with 'nostartofline' and Ex command in tag file
* 9.1.1171: tests: wrong arguments passed to assert_equal()
* 9.1.1170: wildmenu highlighting in popup can be improved
* 9.1.1169: using global variable for get_insert()/get_lambda_name()
* 9.1.1168: wrong flags passed down to nextwild()
* 9.1.1167: mark '] wrong after copying text object
* 9.1.1166: command-line auto-completion hard with wildmenu
* 9.1.1165: diff: regression with multi-file diff blocks
* 9.1.1164: [security]: code execution with tar.vim and special crafted tar files
* 9.1.1163: $MYVIMDIR is set too late
* 9.1.1162: completion popup not cleared in cmdline
* 9.1.1161: preinsert requires bot "menu" and "menuone" to be set
* 9.1.1160: Ctrl-Y does not work well with "preinsert" when completing items
* 9.1.1159: $MYVIMDIR may not always be set
* 9.1.1158: :verbose set has wrong file name with :compiler!
* 9.1.1157: command completion wrong for input()
* 9.1.1156: tests: No test for what patch 9.1.1152 fixes
* 9.1.1155: Mode message not cleared after :silent message
* 9.1.1154: Vim9: not able to use autoload class accross scripts
* 9.1.1153: build error on Haiku
* 9.1.1152: Patch v9.1.1151 causes problems
* 9.1.1151: too many strlen() calls in getchar.c
* 9.1.1150: :hi completion may complete to wrong value
* 9.1.1149: Unix Makefile does not support Brazilian lang for the installer
* 9.1.1148: Vim9: finding imported scripts can be further improved
* 9.1.1147: preview-window does not scroll correctly
* 9.1.1146: Vim9: wrong context being used when evaluating class member
* 9.1.1145: multi-line completion has wrong indentation for last line
* 9.1.1144: no way to create raw strings from a blob
* 9.1.1143: illegal memory access when putting a register
* 9.1.1142: tests: test_startup fails if $HOME/$XDG_CONFIG_HOME is defined
* 9.1.1141: Misplaced comment in readfile()
* 9.1.1140: filetype: m17ndb files are not detected
* 9.1.1139: [fifo] is not displayed when editing a fifo
* 9.1.1138: cmdline completion for :hi is too simplistic
* 9.1.1137: ins_str() is inefficient by calling STRLEN()
* 9.1.1136: Match highlighting marks a buffer region as changed
* 9.1.1135: 'suffixesadd' doesn't work with multiple items
* 9.1.1134: filetype: Guile init file not recognized
* 9.1.1133: filetype: xkb files not recognized everywhere
* 9.1.1132: Mark positions wrong after triggering multiline completion
* 9.1.1131: potential out-of-memory issue in search.c
* 9.1.1130: 'listchars' "precedes" is not drawn on Tabs.
* 9.1.1129: missing out-of-memory test in buf_write()
* 9.1.1128: patch 9.1.1119 caused a regression with imports
* 9.1.1127: preinsert text is not cleaned up correctly
* 9.1.1126: patch 9.1.1121 used a wrong way to handle enter
* 9.1.1125: cannot loop through pum menu with multiline items
* 9.1.1124: No test for 'listchars' "precedes" with double-width char
* 9.1.1123: popup hi groups not falling back to defaults
* 9.1.1122: too many strlen() calls in findfile.c
* 9.1.1121: Enter does not insert newline with "noselect"
* 9.1.1120: tests: Test_registers fails
* 9.1.1119: Vim9: Not able to use an autoloaded class from another autoloaded script
* 9.1.1118: tests: test_termcodes fails
* 9.1.1117: there are a few minor style issues
* 9.1.1116: Vim9: super not supported in lambda expressions
* 9.1.1115: [security]: use-after-free in str_to_reg()
* 9.1.1114: enabling termguicolors automatically confuses users
* 9.1.1113: tests: Test_terminal_builtin_without_gui waits 2 seconds
* 9.1.1112: Inconsistencies in get_next_or_prev_match()
* 9.1.1111: Vim9: variable not found in transitive import
* 9.1.1110: Vim tests are slow and flaky
* 9.1.1109: cmdexpand.c hard to read
* 9.1.1108: 'smoothscroll' gets stuck with 'listchars' "eol"
* 9.1.1107: cannot loop through completion menu with fuzzy
* 9.1.1106: tests: Test_log_nonexistent() causes asan failure
* 9.1.1105: Vim9: no support for protected new() method
* 9.1.1104: CI: using Ubuntu 22.04 Github runners
* 9.1.1103: if_perl: still some compile errors with Perl 5.38
* 9.1.1102: tests: Test_WinScrolled_Resized_eiw() uses wrong filename
- python3-requests
-
- Add CVE-2024-47081.patch upstream patch, fixes netrc credential leak
(gh#psf/requests#6965, CVE-2024-47081, bsc#1244039)