- _product:sle-sdk-release
-
n/a
- libpng12
-
- security update
- modified patches
* libpng-1.2.50-CVE-2013-7353.patch (-p1)
* libpng-1.2.50-CVE-2013-7354.patch (-p1)
* libpng12-CVE-2015-7981.patch (-p1)
* libpng12-CVE-2015-8126-complete.patch (-p1)
* libpng12-CVE-2015-8126.patch (-p1)
- added patches
CVE-2025-64505 [bsc#1254157], heap buffer over-read in `png_do_quantize` via malformed palette index
* libpng12-CVE-2025-64505.patch
- python36
-
- Add CVE-2025-13836-http-resp-cont-len.patch (bsc#1254400,
CVE-2025-13836) to prevent reading an HTTP response from
a server, if no read amount is specified, with using
Content-Length per default as the length.
- Add CVE-2025-12084-minidom-quad-search.patch prevent quadratic
behavior in node ID cache clearing (CVE-2025-12084,
bsc#1254997).
- Add CVE-2025-13837-plistlib-mailicious-length.patch protect
against OOM when loading malicious content (CVE-2025-13837,
bsc#1254401).
- Add CVE-2025-6075-expandvars-perf-degrad.patch avoid simple
quadratic complexity vulnerabilities of os.path.expandvars()
(CVE-2025-6075, bsc#1252974).
- Skip test_curses on ppc64le (gh#python/cpython#141534)
- Add CVE-2025-8291-consistency-zip64.patch which checks
consistency of the zip64 end of central directory record, and
preventing obfuscation of the payload, i.e., you scanning for
malicious content in a ZIP file with one ZIP parser (let's say
a Rust one) then unpack it in production with another (e.g.,
the Python one) and get malicious content that the other parser
did not see (CVE-2025-8291, bsc#1251305)
- Readjust patches while synchronizing between openSUSE and SLE trees:
- F00251-change-user-install-location.patch
- doc-py38-to-py36.patch
- gh126985-mv-pyvenv.cfg2getpath.patch
- cups
-
- cups-1.7.5-CVE-2025-61915.patch is based on
https://github.com/OpenPrinting/cups-ghsa-hxm8-vfpq-jrfc/pull/2
backported to CUPS 1.7.5 to fix CVE-2025-61915
"Local denial-of-service via cupsd.conf update
and related issues"
https://github.com/OpenPrinting/cups/security/advisories/GHSA-hxm8-vfpq-jrfc
bsc#1253783
- In general regarding CUPS security issues and/or DoS issues see
https://en.opensuse.org/SDB:CUPS_and_SANE_Firewall_settings
- libpcap
-
- Security fix: [bsc#1255765, CVE-2025-11961]
* Fix out-of-bound-write and out-of-bound-read in pcap_ether_aton()
due to missing validation of provided MAC-48 address string
* Add libpcap-CVE-2025-11961.patch
- mozilla-nss
-
- Add bmo1990242.patch to move NSS DB password hash away from SHA-1
- update to NSS 3.112.2
* bmo#1970079 - Prevent leaks during pkcs12 decoding.
* bmo#1988046 - SEC_ASN1Decode* should ensure it has read as many bytes as each length field indicates
- Adding patch bmo1980465.patch to fix bug on s390x (bmo#1980465)
- Adding patch bmo1956754.patch to fix possible undefined behaviour (bmo#1956754)
- update to NSS 3.112.1
* bmo#1982742 - restore support for finding certificates by decoded serial number.
- glib2
-
- Add CVE fixes:
+ glib2-CVE-2025-13601.patch (bsc#1254297 CVE-2025-13601
glgo#GNOME/glib#3827).
+ glib2-CVE-2025-14087-1.patch, glib2-CVE-2025-14087-2.patch,
glib2-CVE-2025-14087-3.patch (bsc#1254662 CVE-2025-14087
glgo#GNOME/glib#3834).
+ glib2-CVE-2025-14512.patch (bsc#1254878 CVE-2025-14512
glgo#GNOME/glib#3845).
- Add glib2-CVE-2025-7039.patch: fix computation of temporary file
name (bsc#1249055 CVE-2025-7039 glgo#GNOME/glib#3716).
- pacemaker
-
- fencer: improve self-fencing logs (bsc#1249419)
* bsc#1249419-0002-Log-fencer-improve-self-fencing-logs.patch
- fenced: DC node fencing is unconditionally relayed. (bsc#1249419)
* bsc#1249419-0001-Mid-fenced-DC-node-fencing-is-unconditionally-relaye.patch
- xkbcomp
-
- 0001-xkbcomp-Don-t-crash-on-no-op-modmask-expressions.patch
(CVE-2018-15863, bsc#1105832)
- 0002-xkbcomp-Don-t-falsely-promise-from-ExprResolveLhs.patch
(CVE-2018-15861, bsc#1105832)
- 0003-Fail-expression-lookup-on-invalid-atoms.patch
(CVE-2018-15859, bsc#1105832)
- 0004-xkbcomp-fix-stack-overflow-when-evaluating-boolean-n.patch
(CVE-2018-15853, bsc#1105832)
- mozilla-nspr
-
- update to NSPR 4.36.2
* Fixed a syntax error in test file parsetm.c,
which was introduced in 4.36.1
- update to NSPR 4.36.1
* Incorrect time value produced by PR_ParseTimeString and
PR_ParseTimeStringToExplodedTime if input string doesn't
specify seconds.
- expat
-
- Fix CVE-2025-59375 / bsc#1249584.
- Add patch file:
* CVE-2025-59375.patch
- grub2
-
- Fix CVE-2025-54771 (bsc#1252931)
* 0001-kern-file-Call-grub_dl_unref-after-fs-fs_close.patch
- Fix CVE-2025-61662 (bsc#1252933)
* 0002-gettext-gettext-Unregister-gettext-command-on-module.patch
- Fix CVE-2025-61663 (bsc#1252934)
- Fix CVE-2025-61664 (bsc#1252935)
* 0003-normal-main-Unregister-commands-on-module-unload.patch
* 0004-tests-lib-functional_test-Unregister-commands-on-mod.patch
- Fix CVE-2025-61661 (bsc#1252932)
* 0005-commands-usbtest-Use-correct-string-length-field.patch
* 0006-commands-usbtest-Ensure-string-length-is-sufficient-.patch
- Bump upstream SBAT generation to 6
- libxslt
-
- security update
- added patches
CVE-2025-11731 [bsc#1251979], type confusion in exsltFuncResultCompfunction leading to denial of service
* libxslt-CVE-2025-11731.patch
- propagate test failure into build failure
- added sources
* libxslt-test-results.ref
- vim
-
- Fix for bsc#1229750.
- nocompatible must be set before the syntax highlighting is turned on.
- bash
-
- Add patch bsc1245199.patch
* Fix histfile missing timestamp for the oldest record (bsc#1245199)
- krb5
-
- Remove des3-cbc-sha1 and arcfour-hmac-md5 from permitted
enctypes unless new special options "allow_des3" or "allow_rc4"
are set; (CVE-2025-3576); (bsc#1241219).
- Add patch 0018-prep-CVE-2025-3576.patch
- Add patch 0019-CVE-2025-3576.patch
- bind
-
- Security Fixes:
* Address various spoofing attacks.
[CVE-2025-40778, bsc#1252379, bind-9.11-CVE-2025-40778.patch]
- google-cloud-sap-agent
-
- Update to version 3.9 (bsc#1248452, bsc#1249003)
* Use correct version comparison to support double digit minor versions
* Reduce Process Metrics collection frequency.
* Update event topic message structure
* Fix network stats skipped metrics
* fixing a typo
* PubSub Log Collection Unit Tests
* Reduce info log volume with default agent config
* fix typo in action workflow
* Use a github token when adding the workloadagentplatform submodule to avoid rate limits
* Add executable permission check for /usr/sap in Status OTE
* Delete aianalyzer from SAP Agent - we have moved to a new agent in platform
* Update CheckTopology to call sapcontrol as sidadm user correctly
* bump oauth2 version to v0.27.0
* Auto updated compiled protocol buffers
* Log collection streaming to pub/sub
* Version fix and improved LVMRename error handling
* Add todo for archive snapshot in hanadiskbackup and hanadiskrestore.
* Use snapshot group workflow for version 3.9+
* Add Rename LVM step to restore with Snapshot Group Workflow
* Agent for SAP: Add functionality to wait for snapshot group creation
till it's status is not 'CREATING'
* Modify hanadiskbackup for sidadm user
* Implement bulk insert for snapshot group in multidisk restore.
* Populate instance uri in agent status
* Add `ListDisksFromSnapshot` function to snapshot group utils.
* Use Snapshot Group for snapshot validation.
* Added method to list snapshots from snapshot group.
* Adding snapshot group flag to hanadiskrestore OTE.
* Fixes the link to the cloud console for upgrading the storage bucket
* Implement function to create disks from snapshot group via bulk insert API.
* SAP Agent - HANA Disk Snapshot - Add SG Workflow
* Implement WaitForSGUploadCompletionWithRetry function to wait
for Snapshot group upload completion.
* Implement `ListSGs` function in `snapshotgroup` utils.
* Implement get snapshot groups functionality.
* Implement CreateSG method.
* Add Snapshot group utility library
* Auto updated compiled protocol buffers
* Remove lastHostChangeTimestamp field from host metrics
- Drop CVE-2025-22868.patch, merged upstream
- curl
-
- Security fixes:
* [bsc#1255731, CVE-2025-14524] bearer token leak on cross-protocol redirect
* [bsc#1255733, CVE-2025-15079] set both knownhosts options to the same file
* [bsc#1255732, CVE-2025-14819] toggling CURLSSLOPT_NO_PARTIALCHAIN makes a different CA cache
* Add patches:
- curl-CVE-2025-14524.patch
- curl-CVE-2025-15079.patch
- curl-CVE-2025-14819.patch
- python3
-
- Add CVE-2025-13836-http-resp-cont-len.patch (bsc#1254400,
CVE-2025-13836) to prevent reading an HTTP response from
a server, if no read amount is specified, with using
Content-Length per default as the length.
- Add CVE-2025-12084-minidom-quad-search.patch prevent quadratic
behavior in node ID cache clearing (CVE-2025-12084,
bsc#1254997).
- Add CVE-2025-13837-plistlib-mailicious-length.patch protect
against OOM when loading malicious content (CVE-2025-13837,
bsc#1254401).
- Fix the build system with two patches:
- spc-tab-Makefile-pre-in.patch there are space-indended lines
in the Makefile.pre.in in tarball (!!!), fix that
- Modules_Setup.patch, Modules/makesetup script is kind of
broken (gh#python/cpython!4338 among others)
- time-static.patch make time module statically built into the
interpreter
- Add s390-build.patch to skip failing test on s390.
- Add CVE-2025-6075-expandvars-perf-degrad.patch avoid simple
quadratic complexity vulnerabilities of os.path.expandvars()
(CVE-2025-6075, bsc#1252974).
- Add also two small patches:
- lchmod-non-support.patch adding @requires_lchmod operator
for skipping tests on platforms were changing the mode of
symbolic links is supported (which it isn’t in SLE-12,
apparently).
- locale-test_float_with_commad.patch for decoding byte strings
in localeconv() for consistent output
- Update pip wheel to pip-20.2.3-py2.py3-none-any.whl.
- Add CVE-2025-8291-consistency-zip64.patch which checks
consistency of the zip64 end of central directory record, and
preventing obfuscation of the payload, i.e., you scanning for
malicious content in a ZIP file with one ZIP parser (let's say
a Rust one) then unpack it in production with another (e.g.,
the Python one) and get malicious content that the other parser
did not see (CVE-2025-8291, bsc#1251305)
- Readjust patches while synchronizing between openSUSE and SLE trees:
- 99366-patch.dict-can-decorate-async.patch
- CVE-2007-4559-filter-tarfile_extractall.patch
- CVE-2020-10735-DoS-no-limit-int-size.patch
- CVE-2024-6232-ReDOS-backtrack-tarfile.patch
- CVE-2025-4435-normalize-lnk-trgts-tarfile.patch
- CVE-2025-8194-tarfile-no-neg-offsets.patch
- python-3.6.0-multilib-new.patch
- python3-sorted_tar.patch
- pciutils
-
- pciutils.spec: Add a strict dependency to libpci. [bsc#1252338]
Mixing different versions of pciutils and libpci could result in
a segmentation fault due to incompatible ABI.
- _product:sle-live-patching-release
-
n/a
- lifecycle-data-sle-live-patching
-
- Added data for 4_12_14-122_261, 4_12_14-122_266, 4_12_14-122_269,
4_12_14-122_272, 4_12_14-122_275. (bsc#1020320)
- Added data for 4_12_14-122_261, 4_12_14-122_266, 4_12_14-122_269,
4_12_14-122_272. (bsc#1020320)
- libxml2
-
- security update
- added patches
https://gitlab.gnome.org/GNOME/libxml2/-/commit/852c93a2dc2224f020aab55a9702f992db404836
* libxml2-CVE-2025-9714-0.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/5153c7baceca65f575efdcbb0244860d97031f96
* libxml2-CVE-2025-9714-1.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/64115ed62dd01dab81a9157a54738523fe117333
* libxml2-CVE-2025-9714-2.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2d97a97aa515f1bd3efc35c8ea2aa68676c6f8e1
* libxml2-CVE-2025-9714-3.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/012f8e92847a4e5ff684e7bd8e81a0b1ad104e32
* libxml2-CVE-2025-9714-4.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/949eced484520bdde3348e55eba048501b809127
* libxml2-CVE-2025-9714-5.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/390f05e7033fa8658f310dce9704f4f88e84b7fe
* libxml2-CVE-2025-9714-6.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/429d4ecaae5d61d591f279220125a583836fb84e
* libxml2-CVE-2025-9714-7.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6f1470a5d6e3e369fe93f52d5760ba7c947f0cd1
* libxml2-CVE-2025-9714-8.patch
https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21
* libxml2-CVE-2025-9714.patch
- security update
- added patches
CVE-2025-8732 [bsc#1247850], infinite recursion in catalog parsing functions when processing malformed SGML catalog files
* libxml2-CVE-2025-8732.patch
- samba
-
- CVE-2025-9640: fix vfs_streams_xattr uninitialized memory write;
(bsc#1251279);(bso#15885).
- CVE-2025-10230: fix command Injection in WINS Server Hook Script;
(bsc#1251280);(bso#15903).
- tiff
-
- security update:
* CVE-2025-8851 [bsc#1248278]
Fix stack-based buffer overflow vulnerability in
tools/tiffcrop.c function readSeparateStripsIntoBuffer() by
implementing additional error handling.
+ tiff-CVE-2025-8851.patch
- security update:
* CVE-2025-9900 [bsc#1250413]
Fix Write-What-Where in libtiff via TIFFReadRGBAImageOriented
+ tiff-CVE-2025-9900.patch
- openssh
-
- Add openssh-cve-2025-61984-username-validation.patch
(bsc#1251198, CVE-2025-61984).
- rsync
-
- Security update (CVE-2025-10158, bsc#1254441): rsync: Out of
bounds array access via negative index
- Add rsync-CVE-2025-10158.patch
- libpng16
-
- security update
- added patches
CVE-2025-66293 [bsc#1254480], LIBPNG out-of-bounds read in png_image_read_composite
* libpng16-CVE-2025-66293-1.patch
* libpng16-CVE-2025-66293-2.patch
- security update
- modified patches
* libpng16-1.6.8-CVE-2014-0333.patch (-p1)
* libpng16-CVE-2014-9495.patch (-p1)
* libpng16-CVE-2015-0973.patch (-p1)
* libpng16-CVE-2015-8126-complete.patch (-p1)
* libpng16-CVE-2015-8126.patch (-p1)
- added patches
CVE-2025-64505 [bsc#1254157], heap buffer over-read in `png_do_quantize` via malformed palette index
* libpng16-CVE-2025-64505.patch
CVE-2025-64506 [bsc#1254158], heap buffer over-read in `png_write_image_8bit` with 8-bit input and `convert_to_8bit` enabled
* libpng16-CVE-2025-64506.patch
CVE-2025-64720 [bsc#1254159], buffer overflow in `png_image_read_composite` via incorrect palette premultiplication
* libpng16-CVE-2025-64720.patch
CVE-2025-65018 [bsc#1254160], heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read`
* libpng16-CVE-2025-65018.patch
- kernel-default
-
- wifi: ath9k: hif_usb: fix memory leak of remain_skbs (CVE-2023-53641 bsc#1251728)
- commit cddd1eb
- thermal: intel_powerclamp: Use first online CPU as control_cpu (bsc#1251173)
- commit a5e3566
- thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash (CVE-2022-50494 bsc#1251173)
- commit 2222fc8
- drm/scheduler: signal scheduled fence when kill job (bsc#1247227 CVE-2025-38436)
- commit b828f36
- Update
patches.suse/tcp-Don-t-call-reqsk_fastopen_remove-in-tcp_conn_request.patch
(git-fixes CVE-2025-40186 bsc#1253438).
- commit f901ef4
- net: dcb: choose correct policy to parse DCB_ATTR_BCN (CVE-2023-53369 bsc#1250206)
- commit 358246e
- btrfs: avoid potential out-of-bounds in btrfs_encode_fh() (CVE-2025-40205 bsc#1253456)
- commit 22c9af2
- net/ip6_tunnel: Prevent perpetual tunnel growth (CVE-2025-40173
bsc#1253421).
- commit d8c4c44
- scsi: mvsas: Fix use-after-free bugs in mvs_work_queue
(CVE-2025-40001 bsc#1252303).
- commit bb0f1cb
- uio_hv_generic: Let userspace take care of interrupt mask (CVE-2025-40048 bsc#1252862).
- commit 76a0e50
- sctp: Fix MAC comparison to be constant-time (CVE-2025-40204
bsc#1253436).
- commit eccee08
- smb3: fix Open files on server counter going negative
(git-fixes).
- commit 15583ca
- cifs: return a single-use cfid if we did not get a lease
(bsc#1228688).
- commit c039524
- cifs: Check the lease context if we actually got a lease
(bsc#1228688).
- Refresh
patches.suse/cifs-fix-open-leaks-in-open_cached_dir.patch.
- Refresh
patches.suse/smb-client-fix-potential-OOBs-in-smb2_parse_contexts-.patch.
- commit 9351453
- kabi/severities: Update info about kvm_86_ops
- commit 69450ab
- net/sched: sch_qfq: Fix null-deref in agg_dequeue (CVE-2025-40083 bsc#1252912).
- commit 2a85e50
- KVM: x86: Give a hint when Win2016 might fail to boot due to XSAVES erratum (git-fixes).
- commit 4d19df5
- Refresh patches.suse/x86-CPU-AMD-Disable-XSAVES-on-AMD-family-0x17.patch.
XSAVE feature clearing should apply to ZEN1/2 and not to K6 CPUs.
- commit b258ad9
- blacklist.conf: Add imxfb commit
- Delete
patches.suse/0002-video-fbdev-imxfb-Fix-an-error-message.patch.
- Delete
patches.suse/0004-fbdev-imxfb-warn-about-invalid-left-right-margin.patch.
We don't build this driver.
- commit a556fb5
- net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a
inner curve (bsc#1220419).
- commit 6275dfe
- scsi: ses: Handle enclosure with just a primary component
gracefully (git-fixes CVE-2023-53431 bsc#1250374).
- commit 1585d41
- PCI: aardvark: Fix checking for MEM resource type (git-fixes).
- commit ee4989d
- Fix another type-mismatch issue in fbcon patches (bsc#1252033 CVE-2025-39967 bsc#1253237)
Fix another type mismatch in fbcon font handling:
* comparison of distinct pointer types lacks a cast [enabled by default] in ../drivers/video/console/fbcon.c in fbcon_set_font (from ../include/linux/overflow.h)
In file included from ../include/linux/vmalloc.h:10:0,
../drivers/video/console/fbcon.c: In function 'fbcon_set_font':
../include/linux/overflow.h:150:15: warning: comparison of distinct pointer types lacks a cast [enabled by default]
../include/linux/overflow.h:206:4: note: in expansion of macro '__signed_add_overflow'
../drivers/video/console/fbcon.c:2467:6: note: in expansion of macro 'check_add_overflow'
* comparison of distinct pointer types lacks a cast [enabled by default] in ../include/linux/overflow.h
../include/linux/overflow.h:151:15: warning: comparison of distinct pointer types lacks a cast [enabled by default]
../include/linux/overflow.h:206:4: note: in expansion of macro '__signed_add_overflow'
../drivers/video/console/fbcon.c:2467:6: note: in expansion of macro 'check_add_overflow'
* comparison of distinct pointer types lacks a cast [enabled by default] in ../include/linux/overflow.h
../include/linux/overflow.h:101:15: warning: comparison of distinct pointer types lacks a cast [enabled by default]
../include/linux/overflow.h:207:4: note: in expansion of macro '__unsigned_add_overflow'
../drivers/video/console/fbcon.c:2467:6: note: in expansion of macro 'check_add_overflow'
* comparison of distinct pointer types lacks a cast [enabled by default] in ../include/linux/overflow.h
../include/linux/overflow.h:102:15: warning: comparison of distinct pointer types lacks a cast [enabled by default]
../include/linux/overflow.h:207:4: note: in expansion of macro '__unsigned_add_overflow'
../drivers/video/console/fbcon.c:2467:6: note: in expansion of macro 'check_add_overflow'
- commit 3586116
- Refresh
patches.suse/KVM-nSVM-always-intercept-VMLOAD-VMSAVE-when-nested.
- Refresh
patches.suse/KVM-nSVM-avoid-picking-up-unsupported-bits-from-L2-i.
Add upstream commit ID and move to sorted section.
- commit 808b040
- dmaengine: bcm2835: Avoid GFP_KERNEL in device_prep_slave_sg
(bsc#1070872).
Rename, update with upstream description and reference, and move to the
sorted section.
- commit 3ac835f
- Move ocfs2 fixes to the sorted section
- commit c36ff63
- wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta (CVE-2023-53229 bsc#1249650)
- commit 6e55df1
- Restore fixes for fbcon_do_set_font() (bsc#1252033 CVE-2025-39967 bsc#1253237)
The backport from bsc#1252033 failed because check_mul_overflow()
did not handle differences in type signs. Restore the patches and
fix them to use unsigned types for all calculations. Input arguments
are unsigned anyway.
- commit 7a71d84
- wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() (CVE-2022-50551 bsc#1251322)
- commit 644642c
- r6040: Fix kmemleak in probe and remove (CVE-2022-50545 bsc#1251285)
- commit 506400a
- xfrm: Update ipcomp_scratches with NULL when freed
(CVE-2022-50569 bsc#1252640).
- commit 8b98d1b
- scsi: target: iscsi: Fix buffer overflow in
lio_target_nacl_info_show() (bsc#1251786 CVE-2023-53676).
- commit e9a3dc4
- Revert "fbcon: fix integer overflow in fbcon_do_set_font (bsc#1252033 CVE-2025-39967)"
This reverts commit ef5b27e0395e36f32d5881894b4deb2dc992343a.
- commit 541fc90
- Revert "fbcon: Fix OOB access in font allocation (bsc#1252033)"
This reverts commit d696663168f05fd9eb1b90bb1be489edf7001e6b.
- commit 3f75577
- Alt-commit updates
- Refresh
patches.suse/0001-drm-amdgpu-validate-the-parameters-of-bo-mapping-ope.patch.
- Refresh
patches.suse/0001-drm-i915-gem-Fix-Virtual-Memory-mapping-boundaries-c.patch.
- Refresh patches.suse/1394-drm-msm-fix-no_implicit-fencing-case.
- Refresh
patches.suse/Revert-drm-radeon-Fix-EEH-during-kexec.patch.
- commit 5d5cec6
- ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy (CVE-2023-53542 bsc#1251154)
- commit f3fb811
- drm/msm/dsi: fix memory corruption with too many bridges (CVE-2022-50368 bsc#1250009)
- commit 520589a
- pps: fix warning in pps_register_cdev when register device fail
(CVE-2025-40070 bsc#1252836).
- commit cb71ffd
- pinctrl: check the return value of
pinmux_ops::get_function_name() (CVE-2025-40030 bsc#1252773).
- commit b26cdf3
- ocfs2: fix double free in user_cluster_connect() (CVE-2025-40055 bsc#1252821)
- commit 832b986
- class: fix possible memory leak in __class_register()
(CVE-2022-50578 bsc#1252519).
- commit 4001512
- mm/ksm: fix flag-dropping behavior in ksm_madvise
(CVE-2025-40040 bsc#1252780).
- commit 6af1ea3
- net/9p: fix double req put in p9_fd_cancelled (CVE-2025-40027
bsc#1252763).
- commit 12bcbd0
- fs/smb: Fix inconsistent refcnt update (bsc#1250176,
CVE-2025-39819).
- commit 8b09411
- 9p/trans_fd: Fix concurrency del of req_list in
p9_fd_cancelled/p9_read_work (CVE-2025-40027 bsc#1252763).
- commit 2d2d005
- cifs: fix mid leak during reconnection after timeout threshold
(bsc#1251159, CVE-2023-53597).
- commit 29af9dd
- tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails
to allocate psock->cork (bsc#1250705).
- commit 5eef25f
- tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).
- skmsg: Return copied bytes in sk_msg_memcopy_from_iter
(bsc#1250650).
- commit 7274f26
- wifi: ath9k: Fix potential stack-out-of-bounds write in
ath9k_wmi_rsp_callback() (CVE-2023-53717 bsc#1252560).
- commit 469787a
- net: sched: cls_u32: Undo tcf_bind_filter if
u32_replace_hw_knode (CVE-2023-53733 bsc#1252685).
- commit 308a4a1
- blacklist.conf: CVE-2025-37928 bsc#1243621
- Delete patches.suse/dm-bufio-don-t-schedule-in-atomic-context.patch
- commit 2991827
- udf: Preserve link count of system files (bsc#1252539
CVE-2023-53695).
- commit c7818f7
- udf: Detect system inodes linked into directory hierarchy
(bsc#1252539 CVE-2023-53695).
- commit 9e1ad9a
- NFSD: Define a proc_layoutcommit for the FlexFiles layout type
(CVE-2025-40088 bsc#1252909).
- commit b682724
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
(CVE-2025-40082 bsc#1252775).
- commit 71ba5db
- hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp()
(CVE-2025-40088 bsc#1252904).
- commit 3401643
- kernel-subpackage-spec: Do not doubly-sign modules (bsc#1251930).
- commit 0f034b6
- bpf: Explicitly check accesses to bpf_sock_addr (CVE-2025-40078
bsc#1252789).
- commit 62aaf66
- Squashfs: fix uninit-value in squashfs_get_parent (bsc#1252822
CVE-2025-40049).
- commit acc9cea
- fs: udf: fix OOB read in lengthAllocDescs handling (bsc#1252785 CVE-2025-40044).
- commit 7dc17e9
- drm/amdkfd: Fix UBSAN shift-out-of-bounds warning (bsc#1250764 CVE-2021-4460)
- commit 033f866
- pnode: terminate at peers of source (CVE-2022-50280 bsc#1249806)
- commit 628cc9e
- crypto: af_alg - Set merge to zero early in af_alg_sendmsg (CVE-2025-39931 bsc#1251100).
- commit 904e401
- btrfs: call __btrfs_remove_free_space_cache_locked on cache load failure (CVE-2022-50571 bsc#1252487)
- commit 8e09358
- drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 (bsc#1252632 CVE-2023-53707)
- commit 73d1a0a
- Update
patches.suse/0086-dm-thin-Fix-UAF-in-run_timer_softirq.patch
(git-fixes CVE-2022-50563 bsc#1252480).
- Update patches.suse/hfs-fix-OOB-Read-in-__hfs_brec_find.patch
(git-fixes CVE-2022-50581 bsc#1252549).
- Update
patches.suse/md-raid1-fix-potential-OOB-in-raid1_remove_disk-8b04.patch
(git-fixes CVE-2023-53722 bsc#1252499).
- Update
patches.suse/s390-netiucv-Fix-return-type-of-netiucv_tx.patch
(git-fixes bsc#1212175 CVE-2022-50564 bsc#1252538).
- Update
patches.suse/scsi-qla2xxx-Fix-memory-leak-in-qla2x00_probe_one.patch
(git-fixes CVE-2023-53696 bsc#1252513).
- Update
patches.suse/scsi-ses-Fix-possible-addl_desc_ptr-out-of-bounds-accesses.patch
(git-fixes CVE-2023-7324 bsc#1252893).
- commit 6722787
- fbcon: Fix OOB access in font allocation (bsc#1252033)
- commit d696663
- fbcon: fix integer overflow in fbcon_do_set_font (bsc#1252033 CVE-2025-39967)
- commit ef5b27e
- kABI fix for net: vlan: fix VLAN 0 refcount imbalance of
toggling filtering during runtime (CVE-2025-38470 bsc#1247288).
- commit 589d82f
- i2c: mux: reg: check return value after calling platform_get_resource() (CVE-2022-50364 bsc#1250083)
- commit 2b2cffb
- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free
(CVE-2025-39997 bsc#1252056).
- commit a51d8e6
- iommu/amd: Fix pci device refcount leak in ppr_notifier() (CVE-2022-50505 bsc#1251086)
- commit 8687154
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug (CVE-2025-39772 bsc#1249506)
- commit d8e1da7
- ipvs: Defer ip_vs_ftp unregister during netns cleanup
(CVE-2025-40018 bsc#1252688).
- commit 69275ca
- ext4: fix bug in extents parsing when eh_entries == 0 and
eh_depth > 0 (bsc#1223475 CVE-2022-48631).
- commit 70236d6
- tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request()
(git-fixes).
- commit 757a6b5
- tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()
(CVE-2025-39955 bsc#1251804).
- ipv6: Fix out-of-bounds access in ipv6_find_tlv()
(CVE-2023-53705 bsc#1252554).
- commit 171d7f3
- Revert "e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898"
This reverts commit 2836e8d8d652cc9b552b6399525f14e15353483b.
- commit 0a9731b
- Revert "Refresh"
This reverts commit 9531965fe99a2d5cc7f092699c30780cd95fe9e3.
- Revert "Refresh"
This reverts commit bbde1b2cc3e31ca5dab4e71e08f50d277c0dcf13.
- commit 1af8647
- md: fix soft lockup in status_resync (bsc1251318,
CVE-2023-53620).
- commit 8f3ae24
- i40e: add max boundary check for VF filters (CVE-2025-39968
bsc#1252047).
- i40e: fix idx validation in i40e_validate_queue_map
(CVE-2025-39972 bsc#1252039).
- i40e: add validation for ring_len param (CVE-2025-39973
bsc#1252035).
- qed: Don't collect too many protection override GRC elements
(CVE-2025-39949 bsc#1251177).
- commit bc08ffd
- lib: cpu_rmap: Fix potential use-after-free in
irq_cpu_rmap_release() (CVE-2023-53484 bsc#1250895).
- commit d30b615
- lib: cpu_rmap: Avoid use after free on rmap->obj array entries
(CVE-2023-53484 bsc#1250895).
- commit 3aa6f20
- wifi: cfg80211: reject auth/assoc to AP with our address
(CVE-2023-53540 bsc#1251053).
- commit ee3b008
- wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex
(CVE-2023-53715 bsc#1252545).
- commit 9b29c92
- i40e: fix idx validation in config queues msg (CVE-2025-39971 bsc#1252052)
- commit c33db33
- i40e: Add bounds check for ch[] array (CVE-2025-39971 bsc#1252052)
- commit bf307ec
- i40e: fix input validation logic for action_meta (CVE-2025-39970 bsc#1252051)
- commit 4e82f01
- i40e: Fix filter input checks to prevent config with invalid values (CVE-2025-39970 bsc#1252051)
- commit 57297d8
- net: sched: sfb: fix null pointer access issue when sfb_init()
fails (CVE-2022-50356 bsc#1250040).
- commit 882fd64
- tty: serial: samsung_tty: Fix a memory leak in
s3c24xx_serial_getclk() when iterating clk (CVE-2023-53687
bsc#1251772).
- commit 653cf6a
- cifs: Release folio lock on fscache read hit (CVE-2023-53593 bsc#1251132)
- commit 6362ac3
- dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (CVE-2025-39923 bsc#1250741)
- commit fbf8fb9
- net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (CVE-2025-39876 bsc#1250400)
- commit bd6ed1f
- net: hv_netvsc: fix loss of early receive events from host during channel open (bsc#1252265).
- commit e2ece38
- netfilter: conntrack: fix wrong ct->timeout value
(CVE-2023-53635 bsc#1251524).
- commit cb2dbc3
- scsi: iscsi_tcp: Check that sock is valid before
iscsi_set_param() (git-fixes).
- commit f85971b
- Refresh
patches.suse/e1000e-fix-heap-overflow-in-e1000_set_eeprom.patch.
Let check_add_overflow perform its intended duty.
- commit bbde1b2
- smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path (CVE-2025-39929 bsc#1251036)
- commit 33a9326
- i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (CVE-2025-39911 bsc#1250704)
- commit 18ff544
- sctp: initialize more fields in sctp_v6_from_sk() (CVE-2025-39812 bsc#1250202)
- commit 262d224
- integrity: Fix memory leakage in keyring allocation error path (CVE-2022-50395 bsc#1250211)
- commit 89f3524
- memory: of: Fix refcount leak bug in of_get_ddr_timings() (CVE-2022-50249 bsc#1249747)
- commit a04f0d4
- openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1249854)
- commit 5c8a374
- net: openvswitch: fix race on port output (CVE-2023-53188 bsc#1249854)
- commit 02a1cae
- ipv6: sr: Fix MAC comparison to be constant-time (CVE-2025-39702 bsc#1249317)
- commit 6728b5c
- sctp: linearize cloned gso packets in sctp_rcv (CVE-2025-38718 bsc#1249161)
- commit 084aea4
- serial: 8250: fix panic due to PSLVERR (CVE-2025-39724 bsc#1249265)
- commit 9d4bd1b
- scsi: qla4xxx: Prevent a potential error pointer dereference (CVE-2025-39676 bsc#1249302)
- commit a7b1238
- media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (CVE-2025-38680 bsc#1249203)
- commit c6c8afe
- scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling
getpeername() (CVE-2022-50459 bsc#1250850).
- commit 3807688
- blk-mq: fix NULL dereference on q->elevator in
blk_mq_elv_switch_none (CVE-2023-53292 bsc#1250163).
- blk-mq: protect q->elevator by ->sysfs_lock in
blk_mq_elv_switch_none (CVE-2023-53292 bsc#1250163).
- commit f60e1b9
- netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
(CVE-2023-53619 bsc#1251743).
- commit d9a3ca9
- NFSv4.1: fix backchannel max_resp_sz verification check
(bsc#1247518).
- commit 4f042cf
- doc/README.SUSE: Correct the character used for TAINT_NO_SUPPORT
The character was previously 'N', but upstream used it for TAINT_TEST,
which prompted the change of TAINT_NO_SUPPORT to 'n'. This occurred in
commit c35dc3823d08 ("Update to 6.0-rc1") on master and in d016c04d731d
("Bump to 6.4 kernel (jsc#PED-4593)") for SLE15-SP6 (and onwards).
Update the documentation to reflect this change.
- commit f42ecf5
- ALSA: ac97: Fix possible error value of *rac97 (CVE-2023-53648
bsc#1251750).
- ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
(CVE-2023-53648 bsc#1251750).
- commit 3add5a8
- tipc: add tipc_bearer_min_mtu to calculate min mtu
(CVE-2023-53517 bsc1250919).
- commit af0b7c0
- tipc: do not update mtu if msg_max is too small in mtu
negotiation (CVE-2023-53517 bsc#1250919).
- commit 246819a
- btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range (CVE-2022-50293 bsc#1249752)
- commit 674444e
- btrfs: exit gracefully if reloc roots don't match (CVE-2023-53183 bsc#1249863)
- commit 5aefca3
- btrfs: fix BUG_ON condition in btrfs_cancel_balance (CVE-2023-53339 bsc#1250329)
- commit e64f98a
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
(bsc#1249260 CVE-2025-38714).
- commit d550dcb
- nfsd: handle get_client_locked() failure in
nfsd4_setclientid_confirm() (bsc#1249169 CVE-2025-38724).
- commit 7ce8b22
- net/sched: sch_fq: fix integer overflow of "credit"
(CVE-2023-53624 bsc#1251333).
- commit 4033336
- pNFS: Fix uninited ptr deref in block/scsi layout (bsc#1249215
CVE-2025-38691).
- commit b3165ea
- Update
patches.suse/0003-fbdev-omapfb-lcd_mipid-Fix-an-error-handling-path-in.patch
(bsc#1154048 CVE-2023-53650 bsc#1251283).
- Update patches.suse/0087-dm-cache-Fix-UAF-in-destroy.patch
(git-fixes CVE-2022-50496 bsc#1251091).
- Update
patches.suse/0088-dm-thin-Fix-ABBA-deadlock-between-shrink_slab-and-dm_pool_abort_metadata.patch
(git-fixes CVE-2022-50549 bsc#1251550).
- Update
patches.suse/0092-dm-thin-Use-last-transaction-s-pmd-root-when-commit-failed.patch
(git-fixes CVE-2022-50534 bsc#1251292).
- Update
patches.suse/Input-raspberrypi-ts-fix-refcount-leak-in-rpi_ts_pro.patch
(git-fixes CVE-2023-53533 bsc#1251080).
- Update
patches.suse/NFSD-Protect-against-send-buffer-overflow-in-NFSv3-Rdir.patch
(bsc#1205128 CVE-2022-43945 bsc#1210124 CVE-2022-50487
bsc#1251208).
- Update
patches.suse/bcache-Fix-__bch_btree_node_alloc-to-make-the-failur-80fc.patch
(git-fixes CVE-2023-53681 bsc#1251769).
- Update
patches.suse/bpf-sockmap-Fix-repeated-calls-to-sock_put-when-msg-.patch
(bsc#1235485 CVE-2024-56633 CVE-2022-50536 bsc#1251293).
- Update
patches.suse/btrfs-output-extra-debug-info-if-we-failed-to-find-a.patch
(bsc#1215136 CVE-2023-53672 bsc#1251780).
- Update
patches.suse/dm-integrity-call-kmem_cache_destroy-in-dm_integrity-6b79.patch
(git-fixes CVE-2023-53604 bsc#1251210).
- Update
patches.suse/firmware-raspberrypi-fix-possible-memory-leak-in-rpi.patch
(git-fixes CVE-2022-50537 bsc#1251294).
- Update
patches.suse/fs-hfsplus-remove-WARN_ON-from-hfsplus_cat_-read-write-_inode.patch
(git-fixes CVE-2023-53683 bsc#1251329).
- Update
patches.suse/gfs2-Fix-possible-data-races-in-gfs2_show_options.patch
(git-fixes CVE-2023-53622 bsc#1251777).
- Update
patches.suse/ipmi-Cleanup-oops-on-initialization-failure.patch
(FATE#326156 CVE-2023-53611 bsc#1251123).
- Update
patches.suse/media-coda-Add-check-for-dcoda_iram_alloc.patch
(git-fixes CVE-2022-50501 bsc#1251099).
- Update patches.suse/media-coda-Add-check-for-kmalloc.patch
(git-fixes CVE-2022-50509 bsc#1251522).
- Update patches.suse/media-radio-shark-Add-endpoint-checks.patch
(git-fixes CVE-2023-53644 bsc#1251736).
- Update
patches.suse/msft-hv-2870-Drivers-hv-vmbus-Don-t-dereference-ACPI-root-object-.patch
(git-fixes CVE-2023-53647 bsc#1251732).
- Update
patches.suse/net-cdc_ncm-Deal-with-too-low-values-of-dwNtbOutMaxS.patch
(git-fixes CVE-2023-53667 bsc#1251761).
- Update
patches.suse/ocfs2-fix-defrag-path-triggering-jbd2-ASSERT.patch
(git-fixes CVE-2023-53564 bsc#1251072).
- Update
patches.suse/powerpc-rtas-avoid-scheduling-in-rtas_os_term.patch
(bsc#1065729 CVE-2022-50504 bsc#1251182).
- Update
patches.suse/ring-buffer-Fix-deadloop-issue-on-reading-trace_pipe.patch
(git-fixes CVE-2023-53668 bsc#1251286).
- Update
patches.suse/ring-buffer-Sync-IRQ-works-before-buffer-destruction.patch
(git-fixes CVE-2023-53587 bsc#1251128).
- Update
patches.suse/s390-zcrypt-don-t-leak-memory-if-dev_set_name-fails.patch
(git-fixes bsc#1215152 CVE-2023-53568 bsc#1251035).
- Update
patches.suse/scsi-mpt3sas-Fix-possible-resource-leaks-in-mpt3sas_transport_port_add.patch
(git-fixes CVE-2022-50532 bsc#1251300).
- Update
patches.suse/scsi-qla2xxx-Avoid-fcport-pointer-dereference.patch
(bsc#1213747 CVE-2023-53603 bsc#1251180).
- Update
patches.suse/scsi-qla2xxx-Fix-crash-when-I-O-abort-times-out.patch
(jsc#PED-568 CVE-2022-50493 bsc#1251088).
- Update
patches.suse/scsi-qla2xxx-Fix-deletion-race-condition.patch
(bsc#1213747 CVE-2023-53615 bsc#1251113).
- Update
patches.suse/scsi-ses-Fix-possible-desc_ptr-out-of-bounds-accesses.patch
(git-fixes CVE-2023-53675 bsc#1251325).
- Update
patches.suse/usb-host-xhci-Fix-potential-memory-leak-in-xhci_allo.patch
(git-fixes CVE-2022-50544 bsc#1251725).
- Update
patches.suse/xhci-Remove-device-endpoints-from-bandwidth-list-whe.patch
(git-fixes CVE-2022-50470 bsc#1251202).
- commit a902bff
- fs: fix UAF/GPF bug in nilfs_mdt_destroy (CVE-2022-50367 bsc#1250277)
- commit d8f49e5
- cnic: Fix use-after-free bugs in cnic_delete_task
(CVE-2025-39945 bsc#1251230).
- iavf: Fix use-after-free in free_netdev (CVE-2023-53556
bsc#1251059).
- commit afb4745
- wifi: iwlwifi: mvm: don't trust firmware n_channels
(CVE-2023-53589 bsc#1251129).
- commit 988e8e2
- driver core: fix resource leak in device_add() (CVE-2023-53594
bsc#1251166).
- commit 5614ed9
- wifi: brcmfmac: ensure CLM version is null-terminated to
prevent stack-out-of-bounds (CVE-2023-53582 bsc#1251061).
- commit fad0717
- tracing: Add down_write(trace_event_sem) when adding trace event
(bsc#1248211 CVE-2025-38539).
- commit e8323f2
- ftrace: Also allocate and copy hash for reading of filter files
(bsc#1250032 CVE-2025-39813).
- commit fc74b08
- ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode
(bsc#1251197 CVE-2022-50485).
- commit e7befdc
- fs: writeback: fix use-after-free in __mark_inode_dirty()
(bsc#1250455 CVE-2025-39866).
- commit 71bbea8
- fs: Prevent file descriptor table allocations exceeding INT_MAX
(bsc#1249512 CVE-2025-39756).
- commit a3d8b0c
- ftrace: Fix potential warning in trace_printk_seq during
ftrace_dump (bsc#1250032 CVE-2025-39813).
- commit 4308207
- trace/fgraph: Fix the warning caused by missing unregister
notifier (bsc#1248211 CVE-2025-38539).
- commit 44bb2c8
- ipv6: Add lwtunnel encap size of all siblings in nexthop
calculation (CVE-2023-53477 bsc#1250840).
- commit 9c1503d
- drivers: base: Free devm resources when unregistering a device
(CVE-2023-53596 bsc#1251161).
- commit b016181
- media: v4l2-mem2mem: add lock to protect parameter num_rdy
(CVE-2023-53519 bsc#1250964).
- commit d68a51f
- ip_vti: fix potential slab-use-after-free in decode_session6
(CVE-2023-53559 bsc#1251052).
- commit 688b608
- Refresh
patches.suse/e1000e-fix-heap-overflow-in-e1000_set_eeprom.patch.
- commit 9531965
- ACPICA: Fix use-after-free in
acpi_ut_copy_ipackage_to_ipackage() (CVE-2022-50423
bsc#1250784).
- commit e5308a6
- scsi: lpfc: Fix buffer free/clear order in deferred receive path
(CVE-2025-39841 bsc#1250274).
- scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory
is allocated (CVE-2025-38700 bsc#1249182).
- scsi: bfa: Double-free fix (CVE-2025-38699 bsc#1249224).
- scsi: lpfc: Fix use-after-free KFENCE violation during sysfs
firmware write (CVE-2023-53282 bsc#1250311).
- scsi: target: iscsi: Fix a race condition between login_work
and the login thread (CVE-2022-50350 bsc#1250261).
- commit 204e345
- net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
(CVE-2023-53548 bsc#1251066).
- blacklist.conf: CVE unknown at the time
- commit 7beb085
- drm/rockchip: lvds: fix PM usage counter unbalance in poweron (bsc#1250768 CVE-2022-50443)
- commit b56de15
- fs: dlm: fix invalid derefence of sb_lvbptr (bsc#1251741
CVE-2022-50516).
- commit 09e6897
- af_unix: Fix data-races around user->unix_inflight
(CVE-2023-53204 bsc#1249682).
- commit 77897d4
- media: si470x: Fix use-after-free in si470x_int_in_callback()
(CVE-2022-50542 bsc#1251330).
- commit 29b7473
- ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value (CVE-2022-50327 bsc#1249859)
- commit 18b9822
- scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport
structure (CVE-2025-38695 bsc#1249285).
- commit a538909
- cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter()
(CVE-2022-50481 bsc#1251051).
- commit e12557d
- lwt: Fix return values of BPF xmit ops (bsc#1250074
CVE-2023-53338).
- commit 6dcc27e
- i2c: ismt: Fix an out-of-bounds bug in ismt_access() (CVE-2022-50394 bsc#1250107)
- commit 473df14
- wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes (CVE-2023-53185 bsc#1249820)
- commit ee941e7
- irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains (CVE-2023-53191 bsc#1249721)
- commit 3a22168
- ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume() (CVE-2023-53271 bsc#1249916)
- commit 0c5e1f7
- media: bdisp: Add missing check for create_workqueue (CVE-2023-53289 bsc#1249941)
- commit a94aab1
- crypto: seqiv - Handle EBUSY correctly (CVE-2023-53373 bsc#1250137)
- commit dd42b1d
- iommu/mediatek: Fix crash on isr after kexec() (CVE-2022-50236
bsc#1249702).
- commit 97b644f
- iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry() (CVE-2023-53476 bsc#1250839)
- commit 04895ff
- e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898
bsc#1250742).
- net: add vlan_get_protocol_and_depth() helper (CVE-2023-53433
bsc#1250164).
- commit 2836e8d
- drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init() (CVE-2022-50242 bsc#1249696)
- commit 2d1b74b
- igb: Do not bring the device up after non-fatal error
(CVE-2023-53148 bsc#1249842).
- commit d58ebba
- net: If sock is dead don't access sock's sk_wq in
sk_stream_wait_memory (CVE-2022-50409 bsc#1250392).
- commit d8d8ecd
- ppp: fix memory leak in pad_compress_skb (CVE-2025-39847
bsc#1250292).
- gve: prevent ethtool ops after shutdown (CVE-2025-38735
bsc#1249288).
- igb: Fix igb_down hung on surprise removal (CVE-2023-53148
bsc#1249842).
- qlcnic: prevent ->dcb use-after-free on qlcnic_dcb_enable()
failure (CVE-2022-50288 bsc#1249802).
- igb: Do not free q_vector unless new one was allocated
(CVE-2022-50252 bsc#1249846).
- commit 0b4ef82
- Update
patches.suse/0001-media-dvb-usb-az6027-fix-null-ptr-deref-in-az6027_i2.patch
(bsc#1209291 CVE-2023-28328 CVE-2022-50272 bsc#1249808).
- Update
patches.suse/0001-ubi-ensure-that-VID-header-offset-VID-header-size-al.patch
(bsc#1210584 CVE-2023-53265 bsc#1249908).
- Update
patches.suse/0001-wifi-brcmfmac-slab-out-of-bounds-read-in-brcmf_get_a.patch
(bsc#1209287 CVE-2023-1380 CVE-2023-53213 bsc#1249918).
- Update
patches.suse/0012-md-Replace-snprintf-with-scnprintf.patch
(git-fixes bsc#1164051 CVE-2022-50299 bsc#1249734).
- Update patches.suse/NFS-Fix-an-Oops-in-nfs_d_automount.patch
(git-fixes CVE-2022-50385 bsc#1250131).
- Update
patches.suse/NFSD-Protect-against-send-buffer-overflow-in-NFSv2-R.patch
(bsc#1205128 CVE-2022-43945 bsc#1210124 CVE-2022-50410
bsc#1250187).
- Update
patches.suse/NFSD-Protect-against-send-buffer-overflow-in-NFSv2-Rdir.patch
(bsc#1205128 CVE-2022-43945 CVE-2022-50235 bsc#1249667).
- Update
patches.suse/PCI-ASPM-Disable-ASPM-on-MFD-function-removal-to-avo.patch
(git-fixes CVE-2023-53446 bsc#1250145).
- Update
patches.suse/blk-mq-fix-possible-memleak-when-register-hctx-failed-4b7a.patch
(git-fixes CVE-2022-50434 bsc#1250792).
- Update
patches.suse/bpf-make-sure-skb-len-0-when-redirecting-to-a-tunnel.patch
(CVE-2022-49975 bsc#1245196 CVE-2022-50253 bsc#1249912).
- Update
patches.suse/btrfs-fix-resolving-backrefs-for-inline-extent-follo.patch
(bsc#1213133 CVE-2022-50456 bsc#1250856).
- Update
patches.suse/chardev-fix-error-handling-in-cdev_device_add.patch
(git-fixes CVE-2022-50282 bsc#1249739).
- Update
patches.suse/cifs-Fix-memory-leak-when-build-ntlmssp-negotiate-blob-failed.patch
(bsc#1190317 CVE-2022-50372 bsc#1250052).
- Update
patches.suse/cifs-Fix-warning-and-UAF-when-destroy-the-MR-list.patch
(bsc#1190317 CVE-2023-53427 bsc#1250168).
- Update patches.suse/cifs-Fix-xid-leak-in-cifs_create-.patch
(bsc#1190317 CVE-2022-50351 bsc#1249925).
- Update patches.suse/cifs-Fix-xid-leak-in-cifs_flock-.patch
(bsc#1190317 CVE-2022-50460 bsc#1250879).
- Update
patches.suse/cifs-fix-DFS-traversal-oops-without-CONFIG_CIFS_DFS_UPCALL.patch
(bsc#1190317 CVE-2023-53246 bsc#1249867).
- Update
patches.suse/drm-vmwgfx-Validate-the-box-size-for-the-snooped-cur.patch
(bsc#1203332 CVE-2022-36280 CVE-2022-50440 bsc#1250853).
- Update
patches.suse/ext4-avoid-crash-when-inline-data-creation-follows-D.patch
(bsc#1206883 CVE-2022-50435 bsc#1250799).
- Update
patches.suse/ext4-avoid-deadlock-in-fs-reclaim-with-page-writebac.patch
(bsc#1213016 CVE-2023-53149 bsc#1249882).
- Update
patches.suse/ext4-fix-i_disksize-exceeding-i_size-problem-in-pari.patch
(bsc#1213015 CVE-2023-53270 bsc#1249872).
- Update
patches.suse/ext4-fix-null-ptr-deref-in-ext4_write_info.patch
(bsc#1206884 CVE-2022-50344 bsc#1250014).
- Update
patches.suse/ext4-init-quota-for-old.inode-in-ext4_rename.patch
(bsc#1207629 CVE-2022-50346 bsc#1250044).
- Update
patches.suse/firmware-dmi-sysfs-Fix-null-ptr-deref-in-dmi_sysfs_r.patch
(bsc#1238467 CVE-2023-53250 bsc#1249727).
- Update
patches.suse/genirq-ipi-Fix-NULL-pointer-deref-in-irq_data_get_af.patch
(git-fixes CVE-2023-53332 bsc#1249951).
- Update
patches.suse/ipv6-addrconf-fix-a-potential-refcount-underflow-for.patch
(git-fixes CVE-2023-53189 bsc#1249894).
- Update
patches.suse/jbd2-check-jh-b_transaction-before-removing-it-from-.patch
(bsc#1214953 CVE-2023-53526 bsc#1250928).
- Update
patches.suse/kernfs-fix-use-after-free-in-__kernfs_remove.patch
(git-fixes CVE-2022-50432 bsc#1250851).
- Update
patches.suse/kprobes-Fix-check-for-probe-enabled-in-kill_kprobe.patch
(git-fixes CVE-2022-50266 bsc#1249810).
- Update patches.suse/md-fix-a-crash-in-mempool_free-3410.patch
(git-fixes CVE-2022-50381 bsc#1250257).
- Update
patches.suse/md-raid10-check-slab-out-of-bounds-in-md_bitmap_get_-3018.patch
(git-fixes CVE-2023-53357 bsc#1249994).
- Update
patches.suse/md-raid10-fix-leak-of-r10bio-remaining-for-recovery-2620.patch
(git-fixes CVE-2023-53299 bsc#1249927).
- Update
patches.suse/md-raid10-fix-null-ptr-deref-of-mreplace-in-raid10_s-3481.patch
(git-fixes CVE-2023-53380 bsc#1250198).
- Update
patches.suse/md-raid10-fix-wrong-setting-of-max_corr_read_errors-f8b2.patch
(git-fixes CVE-2023-53313 bsc#1249911).
- Update
patches.suse/md-raid10-prevent-soft-lockup-while-flush-writes-0104.patch
(git-fixes CVE-2023-53151 bsc#1249865).
- Update
patches.suse/msft-hv-2841-scsi-storvsc-Fix-handling-of-virtual-Fibre-Channel-t.patch
(git-fixes CVE-2023-53245 bsc#1249641).
- Update
patches.suse/net-fec-Better-handle-pm_runtime_get-failing-in-.rem.patch
(git-fixes CVE-2023-53308 bsc#1250045).
- Update
patches.suse/netfilter-conntrack-dccp-copy-entire-header-to-stack.patch
(CVE-2023-39197 bsc#1216976 CVE-2023-53333 bsc#1249949).
- Update
patches.suse/netlink-avoid-infinite-retry-looping-in-netlink_unic.patch
(CVE-2025-38465 bsc#1247118 CVE-2025-38727 bsc#1249166).
- Update
patches.suse/nfsd-under-NFSv4.1-fix-double-svc_xprt_put-on-rpc_cr.patch
(git-fixes CVE-2022-50401 bsc#1250140).
- Update
patches.suse/ocfs2-fix-memory-leak-in-ocfs2_stack_glue_init.patch
(git-fixes CVE-2022-50289 bsc#1249981).
- Update
patches.suse/powerpc-Don-t-try-to-copy-PPR-for-task-with-NULL-pt_.patch
(bsc#1065729 CVE-2023-53326 bsc#1250071).
- Update
patches.suse/pstore-ram-Check-start-of-empty-przs-during-init.patch
(git-fixes CVE-2023-53331 bsc#1249950).
- Update
patches.suse/rbd-avoid-use-after-free-in-do_rbd_add-when-rbd_dev_-f7c4.patch
(git-fixes CVE-2023-53307 bsc#1250043).
- Update
patches.suse/sched-fair-Don-t-balance-task-to-its-current-running-CPU.patch
(git fixes (sched) CVE-2023-53215 bsc#1250397).
- Update
patches.suse/scsi-core-Fix-possible-memory-leak-if-device_add-fails.patch
(git-fixes CVE-2023-53174 bsc#1250024).
- Update
patches.suse/scsi-fcoe-Fix-transport-not-deattached-when-fcoe_if_init-fails.patch
(git-fixes CVE-2022-50414 bsc#1250183).
- Update
patches.suse/scsi-libsas-Fix-use-after-free-bug-in-smp_execute_task_sg.patch
(git-fixes CVE-2022-50422 bsc#1250774).
- Update patches.suse/scsi-mpt3sas-Fix-a-memory-leak.patch
(git-fixes CVE-2023-53512 bsc#1250915).
- Update
patches.suse/scsi-qla2xxx-Fix-potential-NULL-pointer-dereference.patch
(bsc#1213747 CVE-2023-53451 bsc#1250831).
- Update
patches.suse/scsi-qla2xxx-Pointer-may-be-dereferenced.patch
(bsc#1213747 CVE-2023-53150 bsc#1249853).
- Update
patches.suse/scsi-qla2xxx-Remove-unused-nvme_ls_waitq-wait-queue.patch
(bsc#1213747 CVE-2023-53280 bsc#1249938).
- Update
patches.suse/scsi-qla2xxx-Use-raw_smp_processor_id-instead-of-smp.patch
(git-fixes CVE-2023-53530 bsc#1250949).
- Update
patches.suse/scsi-qla2xxx-Wait-for-io-return-on-terminate-rport.patch
(bsc#1211960 CVE-2023-53322 bsc#1250323).
- Update
patches.suse/scsi-qla4xxx-Add-length-check-when-parsing-nlattrs.patch
(git-fixes CVE-2023-53456 bsc#1250765).
- Update
patches.suse/scsi-ses-Fix-slab-out-of-bounds-in-ses_intf_remove.patch
(git-fixes CVE-2023-53521 bsc#1250965).
- Update
patches.suse/scsi-snic-Fix-possible-memory-leak-if-device_add-fails.patch
(git-fixes CVE-2023-53436 bsc#1250156).
- Update
patches.suse/tpm-tpm_crb-Add-the-missed-acpi_put_table-to-fix-mem.patch
(bsc#1082555 CVE-2022-50389 bsc#1250121).
- Update
patches.suse/tracing-Fix-race-issue-between-cpu-buffer-write-and-swap.patch
(git-fixes CVE-2023-53368 bsc#1249979).
- Update
patches.suse/udf-Do-not-bother-merging-very-long-extents.patch
(bsc#1213040 CVE-2023-53506 bsc#1250963).
- Update
patches.suse/udf-Do-not-update-file-length-for-failed-writes-to-i.patch
(bsc#1213041 CVE-2023-53295 bsc#1250324).
- Update
patches.suse/udf-Fix-uninitialized-array-access-for-some-pathname.patch
(bsc#1214967 CVE-2023-53165 bsc#1250395).
- Update
patches.suse/vhost-vsock-Use-kvmalloc-kvfree-for-larger-packets.patch
(git-fixes CVE-2022-50271 bsc#1249740).
- Update
patches.suse/virtio_net-Fix-error-unwinding-of-XDP-initialization.patch
(git-fixes CVE-2023-53499 bsc#1250818).
- Update patches.suse/xen-gntdev-Prevent-leaking-grants.patch
(git-fixes CVE-2022-50257 bsc#1249743).
- Update
patches.suse/xfrm-add-NULL-check-in-xfrm_update_ae_params.patch
(bsc#1213666 CVE-2023-3772 CVE-2023-53147 bsc#1249880).
- commit f14b4f5
- i40e: Fix potential invalid access when MAC list is empty (CVE-2025-39853 bsc#1250275)
- commit 15849c1
- x86/tsc: Append the 'tsc=' description for the 'tsc=unstable'
boot parameter (git-fixes).
- Refresh
patches.suse/0004-x86-cpu-Add-a-tsx-cmdline-option-with-TSX-disabled-b.patch.
- commit fc36e71
- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()
(CVE-2025-39860 bsc#1250247).
- commit db1f312
- rpm/check-for-config-changes: ignore CONFIG_SCHED_PROXY_EXEC, too (bsc#1250946)
CONFIG_SCHED_PROXY_EXEC is set only when the debug is off, exclusive
to CONFIG_SCHED_CLASS_EXT.
- commit ac06fa9
- net: bridge: fix soft lockup in br_multicast_query_expired()
(CVE-2025-39773 bsc#1249504).
- net: bridge: mcast: add and enforce startup query interval
minimum (CVE-2025-39773 bsc1249504).
- net: bridge: mcast: add and enforce query interval minimum
(CVE-2025-39773 bsc1249504).
- commit 86febde
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation
(CVE-2025-39824 bsc#1250007).
- commit 74f7410
- ip6mr: Fix skb_under_panic in ip6mr_cache_report()
(CVE-2023-53365 bsc#1249988).
- commit 31b9909
- dmaengine: ti: edma: Fix memory allocation size for
queue_priority_map (CVE-2025-39869 bsc#1250406).
- commit 0c7b875
- netfilter: ctnetlink: remove refcounting in expectation dumpers
(CVE-2025-39764 bsc#1249513).
- commit 21919f3
- net/sched: Fix backlog accounting in qdisc_dequeue_internal
(CVE-2025-39677 bsc#1249300).
- commit 019e014
- cifs: prevent NULL pointer dereference in UTF16 conversion
(bsc#1250365, CVE-2025-39838).
- commit a653056
- l2tp: remove unused list_head member in l2tp_tunnel (git-fixes).
- commit a146724
- Refresh
patches.suse/l2tp-prevent-lockdep-issue-in-l2tp_tunnel_register.patch.
Move the call to release_sock() to match upstream. This will make
future backports easier.
- commit 7c5477e
- Bluetooth: eir: Fix using strlen with
hdev->{dev_name,short_name} (CVE-2022-50233 bsc#1246968).
- commit 7861eb7
- Update
patches.suse/ACPICA-Fix-error-code-path-in-acpi_ds_call_control_method.patch
(bsc#1250393 CVE-2022-50411).
Fix wrongly C&Ped bug and CVE number.
- commit c1344a1
- ocfs2: fix recursive semaphore deadlock in fiemap call
(bsc#1250407 CVE-2025-39885).
- commit fa96337
- mm/smaps: fix race between smaps_hugetlb_range and migration
(CVE-2025-39754 bsc#1249524).
- commit c2c05c6
- media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
(CVE-2022-50359 bsc#1250269).
- commit 680e9a1
- mISDN: hfcpci: Fix warning when deleting uninitialized timer
(CVE-2025-39833 bsc#1250028).
- commit 44dd6de
- net: ena: fix shift-out-of-bounds in exponential backoff (CVE-2023-53272 bsc#1249917)
- commit 79f3645
- Refresh
patches.suse/btrfs-fix-deadlock-when-aborting-transaction-during-.patch.
- Refresh
patches.suse/btrfs-prevent-ioctls-from-interfering-with-a-swap-file.patch.
- commit df48fdf
- wifi: brcmfmac: fix use-after-free when rescheduling
brcmf_btcoex_info work (CVE-2025-39863 bsc#1250281).
- commit b50d5fe
- serial: 8250: Fix oops for port->pm on uart_change_pm()
(CVE-2023-53176 bsc#1249991).
- commit ef178fc
- Bluetooth: L2CAP: Fix user-after-free (CVE-2022-50386
bsc#1250301).
- Refresh
patches.suse/Bluetooth-L2CAP-Fix-corrupted-list-in-hci_chan_del.patch.
- commit ef8e23b
- mm: zswap: fix missing folio cleanup in writeback race path
(CVE-2023-53178 bsc#1249827 git-fix).
- commit 556f4d6
- mm: fix zswap writeback race condition (CVE-2023-53178
bsc#1249827).
- commit 58cd2c5
- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple
times (CVE-2022-50419 bsc#1250394).
- commit b4e8638
- wifi: brcmfmac: fix use-after-free bug in
brcmf_netdev_start_xmit() (CVE-2022-50408 bsc#1250391).
- commit d1d8e28
- ALSA: hda: Fix Oops by 9.1 surround channel names
(CVE-2023-53400 bsc#1250328).
- commit ba820fb
- wifi: mac80211_hwsim: drop short frames (CVE-2023-53321
bsc#1250313).
- commit 6ddc75a
- tee: fix NULL pointer dereference in tee_shm_put (CVE-2025-39865
bsc#1250294).
- commit f721184
- serial: 8250: Reinit port->pm on port specific driver unbind
(CVE-2023-53176 bsc#1249991).
- tty: serial: fsl_lpuart: disable dma rx/tx use flags in
lpuart_dma_shutdown (CVE-2022-50375 bsc#1250132).
- Refresh
patches.suse/tty-serial-fsl_lpuart-fix-race-on-RX-DMA-shutdown.patch.
- drivers: serial: jsm: fix some leaks in probe (CVE-2022-50312
bsc#1249716).
- commit 1aca549
- wifi: ath9k: verify the expected usb_endpoints are present
(CVE-2022-50297 bsc#1250250).
- commit 6950b3a
- wifi: iwl4965: Add missing check for
create_singlethread_workqueue() (CVE-2023-53302 bsc#1249958).
- commit 8f88848
- nfc: fix memory leak of se_io context in nfc_genl_se_io
(CVE-2023-53298 bsc#1249944).
- Refresh
patches.suse/nfc-change-order-inside-nfc_se_io-error-path.patch.
- commit d32133b
- x86/MCE: Always save CS register on AMD Zen IF Poison errors
(CVE-2023-53438 bsc#1250180).
- commit bf84e9b
- wifi: mwifiex: avoid possible NULL skb pointer dereference
(CVE-2023-53384 bsc#1250127).
- commit d34c18b
- ALSA: usb-audio: Fix size validation in convert_chmap_v3()
(CVE-2025-39757 bsc#1249515).
- commit 0ab86d7
- HID: hid-ntrig: fix unable to handle page fault in
ntrig_report_version() (CVE-2025-39808 bsc#1250088).
- commit 5536678
- Bluetooth: L2CAP: Fix use-after-free (CVE-2023-53305
bsc#1250049).
- Refresh
patches.suse/Bluetooth-L2CAP-Fix-corrupted-list-in-hci_chan_del.patch.
- commit ac84db6
- wifi: iwl3945: Add missing check for
create_singlethread_workqueue (CVE-2023-53277 bsc#1249936).
- commit 4da361d
- soc: qcom: mdt_loader: Deal with zero e_shentsize
(CVE-2025-39787 bsc#1249545).
- soc: qcom: mdt_loader: Fix error return values in
mdt_header_valid() (CVE-2025-39787 bsc#1249545).
- commit 529120f
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors
(CVE-2025-39757 bsc#1249515).
- soc: qcom: mdt_loader: Ensure we don't read past the ELF header
(CVE-2025-39787 bsc#1249545).
- commit 5d06f31
- btrfs: abort transaction on unexpected eb generation at
btrfs_copy_root() (bsc#1250177 CVE-2025-39800).
- Refresh
patches.suse/0001-btrfs-Introduce-support-for-FSID-change-without-meta.patch.
- Refresh
patches.suse/0002-btrfs-Remove-fsid-metadata_fsid-fields-from-btrfs_in.patch.
- commit ebb9819
- kernel-source.spec: Depend on python3-base for build
Both kernel-binary and kernel-docs already have this dependency.
Adding it to kernel-source makes it possible to use python in shared
build scripts.
- commit 72fdedd
- kernel-source: Do not list mkspec and its inputs as sources
(bsc#1250522).
This excludes the files from the src.rpm. The next step is to remove
these files in tar-up so that they do not get uploaded to OBS either.
As there is only one version of tar-up these files need to be removed
from all kernels.
- commit e72b8a2
- bpf: cpumap: Fix memory leak in cpu_map_update_elem (bsc#1250150
CVE-2023-53441).
- commit 77b4844
- drivers/md/md-bitmap: check the return value of
md_bitmap_get_counter() (CVE-2022-50402, bsc#1250363).
- commit b998cb4
- ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer (bsc#1250358
CVE-2023-53395).
- commit 16cf2b4
- ACPICA: Fix error code path in acpi_ds_call_control_method()
(bsc#1249615 CVE-2025-39763).
- commit 00cd9ae
- rpm: Link arch-symbols script from scripts directory.
- commit 90b2abb
- skbuff: Account for tail adjustment during pull operations
(CVE-2022-50365 bsc#1250084).
- commit 2c0b58b
- btrfs: fix deadlock when aborting transaction during relocation
with scrub (bsc#1250018 CVE-2023-53348).
- commit 6970fda
- use uniform permission checks for all mount propagation changes
(git-fixes).
- commit 5972133
- net/tunnel: wait until all sk_user_data reader finish before
releasing the sock (CVE-2022-50405 bsc#1250155).
- commit aea82ac
- rpm: Link guards script from scripts directory.
- commit e19a893
- usb: core: config: Prevent OOB read in SS endpoint companion
parsing (CVE-2025-39760 bsc#1249598).
- commit ee5b3a5
- can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write
(CVE-2023-53344 bsc#1250023).
- net: sched: fix memory leak in tcindex_set_parms (CVE-2022-50396
bsc#1250104).
- net: hns: fix possible memory leak in hnae_ae_register()
(CVE-2022-50352 bsc#1249922).
- commit 10ff501
- drm/client: Fix memory leak in drm_client_modeset_probe (bsc#1250058 CVE-2023-53288)
- commit d2583cc
- modpost: fix off by one in is_executable_section() (bsc#1250125
CVE-2023-53397).
- commit 1e88ffb
- dma-buf: add dma_fence_get_stub (bsc#1249779)
- commit af3d574
- drm/amdgpu: install stub fence into potential unused fence pointers (bsc#1249779 CVE-2023-53248)
- commit 2f24c24
- Refresh patches.kabi/blkg_policy_data-fix-kabi.patch.
- Refresh
patches.kabi/xsk-Fix-race-condition-in-AF_XDP-generic-RX-path.patch.
- commit aee218b
- fixup patches.suse/ext4-fix-WARNING-in-mb_find_extent.patch
- commit bc062c7
- RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device (CVE-2023-53393 bsc#1250114)
- commit 3367be7
- RDMA/cxgb4: Fix potential null-ptr-deref in pass_establish() (CVE-2023-53335 bsc#1250072)
- commit de7e5a8
- drm/radeon: Fix integer overflow in radeon_cs_parser_init
(CVE-2023-53309 bsc#1250055).
- commit 0fc616d
- Refresh patches.kabi/blkg_policy_data-fix-kabi.patch.
- commit 5d9cd59
- Update config files. (bsc#1249186)
Enable where we define KABI refs + rely on Kconfig deps.
- commit a2cab75
- Refresh patches.kabi/blkg_policy_data-fix-kabi.patch.
- Refresh
patches.kabi/xsk-Fix-race-condition-in-AF_XDP-generic-RX-path.patch.
Semiautomatic
git grep -l BUILD_BUG_ON patches.kabi/ | xargs sed -i '/^+/s/\<BUILD_BUG_ON\>/suse_kabi_static_assert/'
plus manual drop of guard in blkg_policy_data-fix-kabi.patch.
- commit 7689a50
- build_bug.h: add wrapper for _Static_assert (bsc#1249186).
- commit 55004e9
- iomap: iomap: fix memory corruption when recording errors
during writeback (bsc#1250165 CVE-2022-50406).
- commit 5a4f1a7
- ext4: fix WARNING in mb_find_extent (bsc#1250081
CVE-2023-53317).
- commit 85276b3
- jbd2: prevent softlockup in jbd2_log_do_checkpoint()
(bsc#1249526 CVE-2025-39782).
- commit 3659634
- ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
(bsc#1249258 CVE-2025-38701).
- commit a95c36d
- fs/buffer: fix use-after-free when call bh_read() helper
(bsc#1249374 CVE-2025-39691).
- commit f608a73
- kcm: annotate data-races around kcm->rx_wait (CVE-2022-50265
bsc#1249744).
- kcm: annotate data-races around kcm->rx_psock (CVE-2022-50291
bsc#1249798).
- commit aaba982
- hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
(bsc#1249194 CVE-2025-38712).
- commit 521eb34
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
(bsc#1249200 CVE-2025-38713).
- commit 91e012f
- wifi: brcmfmac: Fix potential stack-out-of-bounds in
brcmf_c_preinit_dcmds() (CVE-2022-50258 bsc#1249947).
- commit 5e60cf0
- drivers: base: cacheinfo: Fix shared_cpu_map changes in event
of CPU hotplug (CVE-2023-53254 bsc#1249871).
- commit d73f053
- cacheinfo: Fix shared_cpu_map to handle shared caches at
different levels (CVE-2023-53254 bsc#1249871).
- commit b2d75ed
- wifi: mwifiex: Fix oob check condition in
mwifiex_process_rx_packet (CVE-2023-53226 bsc#1249658).
- wifi: mwifiex: Fix missed return in oob checks failed path
(CVE-2023-53226 bsc#1249658).
- wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after
free for wext" (CVE-2023-53153 bsc#1249877).
- commit 01aaa87
- wifi: mwifiex: Fix OOB and integer underflow when rx packets
(CVE-2023-53226 bsc#1249658).
- wifi: cfg80211: Fix use after free for wext (CVE-2023-53153
bsc#1249877).
- wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream()
fails (CVE-2023-53199 bsc#1249683).
- commit f427ccc
- crypto: cavium - prevent integer overflow loading firmware
(CVE-2022-50330 bsc#1249700).
- commit 489e575
- crypto: cavium - add release_firmware to all return case
(CVE-2022-50330 bsc#1249700).
- commit 372d22d
- misc: tifm: fix possible memory leak in tifm_7xx1_switch_media()
(CVE-2022-50349 bsc#1249920).
- commit 658f5fe
- wifi: brcmfmac: fix potential memory leak in
brcmf_netdev_start_xmit() (CVE-2022-50321 bsc#1249706).
- commit d3baaae
- cxl: Fix refcount leak in cxl_calc_capp_routing (CVE-2022-50311
bsc#1249720).
- commit 70f8a07
- mm: export bdi_unregister (CVE-2022-50304 bsc#1249725).
- commit 9420929
- mtd: core: fix possible resource leak in init_mtd()
(CVE-2022-50304 bsc#1249725).
- commit 191b4a8
- mm,hugetlb: take hugetlb_lock before decrementing
h->resv_huge_pages (CVE-2022-50285 bsc#1249803).
- commit 53c2d88
- RDMA/bnxt_re: wraparound mbox producer index (CVE-2023-53201 bsc#1249687)
- commit 4aab7ab
- wifi: libertas: fix memory leak in lbs_init_adapter()
(CVE-2022-50294 bsc#1249799).
- cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter()
(CVE-2022-50244 bsc#1249647).
- PNP: fix name memory leak in pnp_alloc_dev() (CVE-2022-50278
bsc#1249715).
- commit c3e3de7
- drm/amd/pm: fix null pointer access (CVE-2025-38705
bsc#1249334).
- commit 6b431f7
- fbdev: fix potential buffer overflow in
do_register_framebuffer() (CVE-2025-38702 bsc#1249254).
- commit 4004fc6
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq
(CVE-2025-39706 bsc#1249413).
- commit 83af3ba
- Refresh
patches.suse/Bluetooth-Replace-BT_DBG-with-bt_dev_dbg-for-managem.patch.
- commit c6ff1e0
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control
(CVE-2025-39751 bsc#1249538).
- commit 8a44263
- kABI fix after x86/vmscape: Add conditional IBPB mitigation
(bsc#1247483 CVE-2025-40300).
- commit 0df5e36
- drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295 CVE-2025-39705)
- commit 478e53d
- Bluetooth: hci_core: Fix calling mgmt_device_connected
(git-fixes).
- commit bd515e0
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too
(CVE-2025-38729 bsc#1249164).
- commit 8b412cb
- pptp: fix pptp_xmit() error path (git-fixes).
- pptp: ensure minimal skb length in pptp_xmit() (CVE-2025-38574
bsc#1248365).
- can: netlink: can_changelink(): fix NULL pointer deref of
struct can_priv::do_set_mode (CVE-2025-38665 bsc#1248648).
- tls: separate no-async decryption request handling from async
(CVE-2024-58240 bsc#1248847).
- commit cb8a609
- Limit patch filenames to 100 characters (bsc#1249604).
- commit e94c0ca
- smb: client: fix use-after-free in cifs_oplock_break
(bsc#1248199, CVE-2025-38527).
- commit e4dac9c
- tipc: improve function tipc_wait_for_cond() (bsc#1249037).
- commit 66b60a2
- PCI: Fix use-after-free of slot->bus on hot remove
(CVE-2024-53194 bsc#1235459).
- commit 8ed6518
- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)
- commit 40606b5
- powerpc/eeh: Export eeh_unfreeze_pe() (CVE-2025-38623
bsc#1248610).
- commit e1ab8da
- pci/hotplug/pnv-php: Wrap warnings in macro (CVE-2025-38623
bsc#1248610).
- commit fcff164
- PCI: pnv_php: Fix surprise plug detection and recovery
(CVE-2025-38623 bsc#1248610).
- commit 77a6e44
- PCI: pnv_php: Clean up allocated IRQs on unplug (CVE-2025-38624
bsc#1248617).
- commit f20bd36
- netfilter: xt_nfacct: don't assume acct name is null-terminated (CVE-2025-38639 bsc#1248674)
- commit 85e9df6
- s390/ism: fix concurrency management in ism_cmd() (git-fixes
bsc#1249266 CVE-2025-39726).
- commit 4cdfb37
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (bsc#1249220 CVE-2025-38685)
- commit d40c5ad
- pinmux: fix race causing mux_owner NULL with active mux_usecount
(CVE-2025-38632 bsc#1248669).
- commit 417d30f
- smb: client: fix use-after-free in crypt_message when using
async crypto (bsc#1247239, CVE-2025-38488).
- commit f68b209
- wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()
(CVE-2025-38602 bsc#1248341).
- commit 26c0123
- iwlwifi: Add missing check for alloc_ordered_workqueue
(CVE-2025-38602 bsc#1248341).
- commit 1f095f0
- wifi: rtl818x: Kill URBs before clearing tx status queue (CVE-2025-38604 bsc#1248333)
- commit 3582a16
- ipv6: reject malicious packets in ipv6_gso_segment()
(CVE-2025-38572 bsc#1248399).
- net/sched: Restrict conditions for adding duplicating netems
to qdisc tree (CVE-2025-38553 bsc#1248255).
- commit edb7431
- rpm: Configure KABI checkingness macro (bsc#1249186)
The value of the config should match presence of KABI reference data. If
it mismatches:
- !CONFIG & reference -> this is bug, immediate fail
- CONFIG & no reference -> OK temporarily, must be resolved eventually
- commit 23c1536
- Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186)
The motivation: there are patches.kabi/ patches that restore KABI and
they check validity of the approach with static_assert()s to prevent
accidental KABI breakage.
These asserts are invoked on each arch-flavor and they may signal false
negatives -- that is KABI restoration patch could break KABI but the
given arch-flavor defines no KABI.
The intended use is to disable the compile time checks in patches.kabi/
(but not to be confused with __GENKSYMS__ that affects how reference is
calculated).
The name is chosen so that it mimics HAVE_* macros that are not
configured manually (but is selected by an arch). In our case it's
(un)selected by build script depending on whether KABI reference is
defined for given arch-flavor and whether check is really requested by
the user. Default value is 'n' so that people building merely via
Makefile (not RPM with KABI checking) obtain consistent config.
- commit 75ce338