- kernel-azure
-
- kABI workaround for struct atmdev_ops extension (CVE-2025-39828
bsc#1250205).
- commit ece3f96
- atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control()
(CVE-2025-39828 bsc#1250205).
- commit a2ac627
- ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err
message (git-fixes).
- watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling
the watchdog (git-fixes).
- PCI: tegra: Convert struct tegra_msi mask_lock into raw spinlock
(git-fixes).
- PCI: tegra194: Fix duplicate PLL disable in
pex_ep_event_pex_rst_assert() (git-fixes).
- PCI: tegra: Fix devm_kcalloc() argument order for port->phys
allocation (git-fixes).
- PCI: rcar-host: Drop PMSR spinlock (git-fixes).
- PCI: keystone: Use devm_request_irq() to free
"ks-pcie-error-irq" on exit (git-fixes).
- PCI: tegra194: Handle errors in BPMP response (git-fixes).
- PCI: tegra194: Fix broken tegra_pcie_ep_raise_msi_irq()
(git-fixes).
- PCI/IOV: Add PCI rescan-remove locking when enabling/disabling
SR-IOV (git-fixes).
- PCI/sysfs: Ensure devices are powered for config reads
(git-fixes).
- PCI/AER: Fix missing uevent on recovery when a reset is
requested (git-fixes).
- PCI/ERR: Fix uevent on failure to recover (git-fixes).
- dmaengine: Fix dma_async_tx_descriptor->tx_submit documentation
(git-fixes).
- phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568
(git-fixes).
- media: rc: fix races with imon_disconnect() (git-fixes).
- commit 1710395
- arm64: dts: apple: Add ethernet0 alias for J375 template (git-fixes)
- commit 122f705
- arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map (git-fixes)
- commit 886bc20
- arm64: dts: imx8mp: Correct thermal sensor index (git-fixes)
- commit 2283cd3
- wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).
- commit fbc86d9
- scsi: qla2xxx: Fix incorrect sign of error code in
qla_nvme_xmt_ls_rsp() (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in
START_SP_W_RETRIES() (git-fixes).
- scsi: qla2xxx: edif: Fix incorrect sign of error code
(git-fixes).
- scsi: qla2xxx: Use secs_to_jiffies() instead of
msecs_to_jiffies() (git-fixes).
- scsi: qla2xxx: Remove firmware URL (git-fixes).
- scsi: qla2xxx: Avoid stack frame size warning in qla_dfs
(git-fixes).
- commit db6525b
- scsi: lpfc: Copyright updates for 14.4.0.11 patches
(bsc#1250519).
- scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519).
- scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point
to Point topology (bsc#1250519).
- scsi: lpfc: Check return status of lpfc_reset_flush_io_context
during TGT_RESET (bsc#1250519).
- scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted
(bsc#1250519).
- scsi: lpfc: Remove ndlp kref decrement clause for F_Port_Ctrl
in lpfc_cleanup (bsc#1250519).
- scsi: lpfc: Clean up allocated queues when queue setup mbox
commands fail (bsc#1250519).
- scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod
is in progress (bsc#1250519).
- scsi: lpfc: Remove unused member variables in struct lpfc_hba
and lpfc_vport (bsc#1250519).
- scsi: lpfc: Use int type to store negative error codes
(bsc#1250519).
- scsi: fc: Avoid -Wflex-array-member-not-at-end warnings
(bsc#1250519).
- scsi: lpfc: use min() to improve code (bsc#1250519).
- scsi: lpfc: Fix buffer free/clear order in deferred receive path
(bsc#1250519).
- scsi: lpfc: Remove redundant assignment to avoid memory leak
(bsc#1250519).
- scsi: lpfc: Fix wrong function reference in a comment
(bsc#1250519).
- commit 9af1a7a
- nvme-fc: use lock accessing port_state and rport state
(bsc#1245193 bsc#1247500).
- nvmet-fcloop: call done callback even when remote port is gone
(bsc#1245193 bsc#1247500).
- nvmet-fc: avoid scheduling association deletion twice
(bsc#1245193 bsc#1247500).
- nvmet-fc: move lsop put work to nvmet_fc_ls_req_op (bsc#1245193
bsc#1247500).
- commit 9a1d529
- NFSv4.1: fix backchannel max_resp_sz verification check
(git-fixes).
- commit 8db6e65
- orangefs: Remove unused type in macro fill_default_sys_attrs
(git-fixes).
- commit 98fbe5c
- ppp: fix memory leak in pad_compress_skb (CVE-2025-39847
bsc#1250292).
- ice: fix NULL access of tx->in_use in ice_ll_ts_intr
(CVE-2025-39854 bsc#1250297).
- vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop
objects (CVE-2025-39850 bsc#1250276).
- net/mlx5: Fix lockdep assertion on sync reset unload event
(CVE-2025-39832 bsc#1249901).
- net/mlx5: Reload auxiliary drivers on fw_activate
(CVE-2025-39832 bsc#1249901).
- bnxt_en: Fix memory corruption when FW resources change during
ifdown (CVE-2025-39810 bsc#1249975).
- gve: prevent ethtool ops after shutdown (CVE-2025-38735
bsc#1249288).
- net/mlx5: Add sync reset drop mode support (CVE-2025-39832
bsc#1249901).
- commit 703f4a7
- Update
patches.suse/0780-drm-mediatek-dp-Change-logging-to-dev-for-mtk_dp_aux.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53325
bsc#1250035).
- Update
patches.suse/ACPI-APEI-send-SIGBUS-to-current-task-if-synchronous.patch
(stable-fixes CVE-2025-39763 bsc#1249615).
- Update
patches.suse/ACPI-pfr_update-Fix-the-driver-update-version-check.patch
(git-fixes CVE-2025-39701 bsc#1249308).
- Update
patches.suse/ACPICA-Add-AML_NO_OPERAND_RESOLVE-flag-to-Timer.patch
(git-fixes CVE-2023-53395 bsc#1250358).
- Update
patches.suse/ALSA-hda-ca0132-Fix-buffer-overflow-in-add_tuning_co.patch
(stable-fixes CVE-2025-39751 bsc#1249538).
- Update
patches.suse/ALSA-hda-fix-a-possible-null-pointer-dereferen.patch
(bsc#1012628 CVE-2023-53275 bsc#1250459).
- Update
patches.suse/ALSA-usb-audio-Validate-UAC3-cluster-segment-descrip.patch
(git-fixes CVE-2025-39757 bsc#1249515).
- Update
patches.suse/ALSA-usb-audio-Validate-UAC3-power-domain-descriptor.patch
(git-fixes CVE-2025-38729 bsc#1249164).
- Update
patches.suse/ASoC-core-Check-for-rtd-NULL-in-snd_soc_remove_pcm_r.patch
(stable-fixes CVE-2025-38706 bsc#1249195).
- Update patches.suse/Bluetooth-Fix-hci_suspend_sync-crash.patch
(git-fixes CVE-2023-53520 bsc#1250957).
- Update
patches.suse/Bluetooth-Fix-potential-use-after-free-when-clear-ke.patch
(git-fixes CVE-2023-53386 bsc#1250106).
- Update
patches.suse/Bluetooth-Fix-use-after-free-in-l2cap_sock_cleanup_l.patch
(git-fixes CVE-2025-39860 bsc#1250247).
- Update patches.suse/Bluetooth-L2CAP-Fix-use-after-free.patch
(bsc#1012628 CVE-2023-53305 bsc#1250049).
- Update
patches.suse/Bluetooth-hci_conn-fail-SCO-ISO-via-hci_conn_failed-.patch
(git-fixes CVE-2023-53374 bsc#1250196).
- Update
patches.suse/Bluetooth-l2cap-Check-encryption-key-size-on-incomin.patch
(git-fixes CVE-2025-39889 bsc#1249833).
- Update
patches.suse/Bluetooth-use-RCU-for-hci_conn_params-and-itera.patch
(bsc#1012628 CVE-2023-53252 bsc#1249756).
- Update
patches.suse/Bluetooth-vhci-Prevent-use-after-free-by-removing-de.patch
(git-fixes CVE-2025-39861 bsc#1250249).
- Update
patches.suse/FS-JFS-Fix-null-ptr-deref-Read-in-txBegin.patch
(bsc#1012628 CVE-2023-53457 bsc#1250763).
- Update
patches.suse/HID-asus-fix-UAF-via-HID_CLAIMED_INPUT-validation.patch
(git-fixes CVE-2025-39824 bsc#1250007).
- Update
patches.suse/HID-hid-ntrig-fix-unable-to-handle-page-fault-in-ntr.patch
(stable-fixes CVE-2025-39808 bsc#1250088).
- Update
patches.suse/HID-multitouch-Correct-devm-device-reference-for-hid.patch
(git-fixes CVE-2023-53454 bsc#1250759).
- Update
patches.suse/HID-multitouch-fix-slab-out-of-bounds-access-in-mt_r.patch
(git-fixes CVE-2025-39806 bsc#1249888).
- Update
patches.suse/IB-hfi1-Fix-possible-panic-during-hotplug-remo.patch
(bsc#1012628 CVE-2023-53488 bsc#1250825).
- Update
patches.suse/KVM-arm64-Handle-kvm_arm_init-failure-correctly.patch
(bsc#1012628 CVE-2023-53319 bsc#1250067).
- Update
patches.suse/KVM-nSVM-Load-L1-s-TSC-multiplier-based-on-L1-state-.patch
(git-fixes CVE-2023-53208 bsc#1249698).
- Update
patches.suse/KVM-s390-diag-fix-racy-access-of-physical-cpu-n.patch
(bsc#1012628 CVE-2023-53205 bsc#1249677).
- Update
patches.suse/NFS-Fix-filehandle-bounds-checking-in-nfs_fh_to_dentry.patch
(git-fixes CVE-2025-39730 bsc#1249296).
- Update
patches.suse/NFS-Fix-the-setting-of-capabilities-when-automounting-a-new-filesystem.patch
(git-fixes CVE-2025-39798 bsc#1249774).
- Update
patches.suse/NFSv4.2-Rework-scratch-handling-for-READ_PLUS-again.patch
(git-fixes CVE-2023-53360 bsc#1249990).
- Update
patches.suse/PCI-ASPM-Disable-ASPM-on-MFD-function-removal-t.patch
(bsc#1012628 CVE-2023-53446 bsc#1250145).
- Update
patches.suse/PCI-endpoint-Fix-configfs-group-list-head-handling.patch
(git-fixes CVE-2025-39783 bsc#1249486).
- Update
patches.suse/PCI-hv-Fix-a-crash-in-hv_pci_restore_msi_msg-during-.patch
(git-fixes CVE-2023-53175 bsc#1249845).
- Update
patches.suse/PM-devfreq-Fix-leak-in-devfreq_dev_release.patch
(git-fixes CVE-2023-53518 bsc#1250923).
- Update
patches.suse/RDMA-bnxt_re-Properly-order-ib_device_unalloc-.patch
(bsc#1012628 CVE-2023-53504 bsc#1250813).
- Update
patches.suse/RDMA-bnxt_re-wraparound-mbox-producer-index.patch
(bsc#1012628 CVE-2023-53201 bsc#1249687).
- Update
patches.suse/RDMA-hfi1-fix-possible-divide-by-zero-in-find_hw_thr.patch
(git-fixes CVE-2025-39742 bsc#1249479).
- Update
patches.suse/RDMA-mlx5-Return-the-firmware-result-upon-dest.patch
(bsc#1012628 CVE-2023-53286 bsc#1250325).
- Update
patches.suse/RDMA-rxe-Fix-unsafe-drain-work-queue-code.patch
(git-fixes CVE-2023-53528 bsc#1250930).
- Update
patches.suse/RDMA-siw-Fix-the-sendmsg-byte-count-in-siw_tcp_sendp.patch
(git-fixes CVE-2025-39758 bsc#1249490).
- Update
patches.suse/accel-habanalabs-fix-mem-leak-in-capture-user-.patch
(bsc#1012628 CVE-2023-53367 bsc#1250243).
- Update patches.suse/accel-qaic-Fix-slicing-memory-leak.patch
(bsc#1012628 CVE-2023-53350 bsc#1250012).
- Update
patches.suse/accel-qaic-tighten-bounds-checking-in-decode_me.patch
(bsc#1012628 CVE-2023-53493 bsc#1250820).
- Update
patches.suse/af_unix-Fix-data-races-around-user-unix_inflight.patch
(git-fixes CVE-2023-53204 bsc#1249682).
- Update
patches.suse/arm64-sme-Set-new-vector-length-before-realloca.patch
(bsc#1012628 CVE-2023-53184 bsc#1249823).
- Update
patches.suse/ax25-properly-unshare-skbs-in-ax25_kiss_rcv.patch
(git-fixes CVE-2025-39848 bsc#1250298).
- Update
patches.suse/batman-adv-fix-OOB-read-write-in-network-coding-deco.patch
(git-fixes CVE-2025-39839 bsc#1250291).
- Update
patches.suse/blk-cgroup-Reinit-blkg_iostat_set-after-clearin.patch
(bsc#1012628 CVE-2023-53421 bsc#1250171).
- Update
patches.suse/blk-mq-fix-NULL-dereference-on-q-elevator-in-bl.patch
(bsc#1012628 CVE-2023-53292 bsc#1250163).
- Update
patches.suse/bpf-Fix-memleak-due-to-fentry-attach-failure.patch
(bsc#1012628 CVE-2023-53221 bsc#1249662).
- Update
patches.suse/bpf-cpumap-Fix-memory-leak-in-cpu_map_update_el.patch
(bsc#1012628 CVE-2023-53441 bsc#1250150).
- Update
patches.suse/btrfs-abort-transaction-on-unexpected-eb-generation-.patch
(git-fixes CVE-2025-39800 bsc#1250177).
- Update
patches.suse/btrfs-add-handling-for-RAID1C23-DUP-to-btrfs_re.patch
(bsc#1012628 CVE-2023-53243 bsc#1249640).
- Update
patches.suse/btrfs-don-t-check-PageError-in-__extent_writepa.patch
(bsc#1012628 CVE-2023-53429 bsc#1250384).
- Update
patches.suse/btrfs-exit-gracefully-if-reloc-roots-don-t-mat.patch
(bsc#1012628 CVE-2023-53183 bsc#1249863).
- Update
patches.suse/btrfs-fix-BUG_ON-condition-in-btrfs_cancel_bal.patch
(bsc#1012628 CVE-2023-53339 bsc#1250329).
- Update
patches.suse/btrfs-fix-use-after-free-of-new-block-group-th.patch
(bsc#1012628 CVE-2023-53187 bsc#1249815).
- Update
patches.suse/btrfs-qgroup-fix-race-between-quota-disable-and-quot.patch
(git-fixes CVE-2025-39759 bsc#1249522).
- Update
patches.suse/btrfs-set_page_extent_mapped-after-read_folio-i.patch
(bsc#1012628 CVE-2023-53247 bsc#1249870).
- Update
patches.suse/bus-fsl-mc-don-t-assume-child-devices-are-all-f.patch
(bsc#1012628 CVE-2023-53362 bsc#1249993).
- Update
patches.suse/bus-mhi-host-Detect-events-pointing-to-unexpected-TR.patch
(git-fixes CVE-2025-39790 bsc#1249548).
- Update
patches.suse/can-gs_usb-fix-time-stamp-counter-initializatio.patch
(bsc#1012628 CVE-2023-53523 bsc#1250926).
- Update
patches.suse/can-j1939-implement-NETDEV_UNREGISTER-notification-h.patch
(git-fixes CVE-2025-39925 bsc#1250736).
- Update
patches.suse/can-xilinx_can-xcan_write_frame-fix-use-after-free-o.patch
(git-fixes CVE-2025-39873 bsc#1250371).
- Update
patches.suse/cifs-prevent-use-after-free-by-freeing-the-cfil.patch
(bsc#1012628 CVE-2023-53377 bsc#1250161).
- Update
patches.suse/clk-imx-clk-imx8mn-fix-memory-leak-in-imx8mn_cl.patch
(bsc#1012628 CVE-2023-53249 bsc#1249642).
- Update
patches.suse/clk-imx-clk-imxrt1050-fix-memory-leak-in-imxrt1.patch
(bsc#1012628 CVE-2023-53264 bsc#1249795).
- Update patches.suse/clk-mediatek-fix-of_iomap-memory-leak.patch
(bsc#1012628 CVE-2023-53424 bsc#1250169).
- Update
patches.suse/clk-mediatek-mt8183-Add-back-SSPM-related-cloc.patch
(bsc#1012628 CVE-2023-53274 bsc#1249919).
- Update
patches.suse/clk-tegra-tegra124-emc-Fix-potential-memory-lea.patch
(bsc#1012628 CVE-2023-53505 bsc#1250807).
- Update
patches.suse/comedi-Fix-use-of-uninitialized-memory-in-do_insn_io.patch
(git-fixes CVE-2025-39684 bsc#1249281).
- Update
patches.suse/comedi-Make-insn_rw_emulate_bits-do-insn-n-samples.patch
(git-fixes CVE-2025-39686 bsc#1249312).
- Update
patches.suse/comedi-fix-race-between-polling-and-detaching.patch
(git-fixes CVE-2025-38687 bsc#1249177).
- Update
patches.suse/comedi-pcl726-Prevent-invalid-irq-number.patch
(git-fixes CVE-2025-39685 bsc#1249282).
- Update
patches.suse/crypto-qat-flush-misc-workqueue-during-device-shutdo.patch
(git-fixes CVE-2025-39721 bsc#1249323).
- Update
patches.suse/cxl-acpi-Fix-a-use-after-free-in-cxl_parse_cfmw.patch
(bsc#1012628 CVE-2023-53479 bsc#1250837).
- Update
patches.suse/cxl-downgrade-a-warning-message-to-debug-level-in-cxl.patch
(bsc#1229165 CVE-2023-53479 bsc#1250837).
- Update
patches.suse/dma-buf-dma-resv-Stop-leaking-on-krealloc-failu.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53181
bsc#1249824).
- Update
patches.suse/dmaengine-idxd-Fix-double-free-in-idxd_setup_wqs.patch
(git-fixes CVE-2025-39870 bsc#1250402).
- Update
patches.suse/dmaengine-idxd-Remove-improper-idxd_free.patch
(git-fixes CVE-2025-39871 bsc#1250377).
- Update
patches.suse/dmaengine-qcom-bam_dma-Fix-DT-error-handling-for-num.patch
(git-fixes CVE-2025-39923 bsc#1250741).
- Update
patches.suse/dmaengine-ti-edma-Fix-memory-allocation-size-for-que.patch
(git-fixes CVE-2025-39869 bsc#1250406).
- Update
patches.suse/drm-amd-display-Add-null-pointer-check-in-mod_hdcp_h.patch
(git-fixes CVE-2025-39675 bsc#1249263).
- Update
patches.suse/drm-amd-display-Avoid-a-NULL-pointer-dereference.patch
(stable-fixes CVE-2025-39693 bsc#1249279).
- Update
patches.suse/drm-amd-display-Fix-possible-underflow-for-disp.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53258
bsc#1249780).
- Update
patches.suse/drm-amdgpu-fix-calltrace-warning-in-amddrm_bud.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53152
bsc#1249883).
- Update
patches.suse/drm-amdgpu-fix-memory-leak-in-mes-self-test.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53370
bsc#1250208).
- Update
patches.suse/drm-amdgpu-install-stub-fence-into-potential-u.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53248
bsc#1249779).
- Update
patches.suse/drm-amdkfd-Destroy-KFD-debugfs-after-destroy-KFD-wq.patch
(stable-fixes CVE-2025-39706 bsc#1249413).
- Update
patches.suse/drm-client-Fix-memory-leak-in-drm_client_modese.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53288
bsc#1250058).
- Update
patches.suse/drm-hisilicon-hibmc-fix-the-hibmc-loaded-failed-bug.patch
(git-fixes CVE-2025-39772 bsc#1249506).
- Update
patches.suse/drm-mediatek-fix-potential-OF-node-use-after-free.patch
(git-fixes CVE-2025-39882 bsc#1250389).
- Update
patches.suse/drm-msm-dp-Free-resources-after-unregistering-t.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53316
bsc#1250066).
- Update
patches.suse/drm-msm-mdp5-Don-t-leak-some-plane-state.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53324
bsc#1250070).
- Update
patches.suse/drm-nouveau-disp-fix-use-after-free-in-error-h.patch
(bsc#1012628 bsc#1214073 CVE-2023-53263 bsc#1249861).
- Update
patches.suse/drm-nouveau-nvif-Fix-potential-memory-leak-in-nvif_v.patch
(git-fixes CVE-2025-39679 bsc#1249338).
- Update
patches.suse/drm-radeon-Fix-integer-overflow-in-radeon_cs_pa.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53309
bsc#1250055).
- Update patches.suse/drm-tests-helpers-Avoid-a-driver-uaf.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53235
bsc#1249785).
- Update
patches.suse/drm-ttm-check-null-pointer-before-accessing-wh.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53352
bsc#1250006).
- Update
patches.suse/drm-ttm-fix-bulk_move-corruption-when-adding-a-.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53444
bsc#1250157).
- Update patches.suse/erofs-Fix-detection-of-atomic-context.patch
(bsc#1012628 CVE-2023-53231 bsc#1249787).
- Update
patches.suse/exfat-add-cluster-chain-loop-check-for-dir.patch
(git-fixes CVE-2025-38692 bsc#1249221).
- Update
patches.suse/ext2-dax-Fix-ext2_setsize-when-len-is-page-alig.patch
(bsc#1012628 CVE-2023-53323 bsc#1250069).
- Update
patches.suse/f2fs-don-t-reset-unchangable-mount-option-in-f2.patch
(bsc#1012628 CVE-2023-53447 bsc#1250241).
- Update
patches.suse/fbdev-Fix-vmalloc-out-of-bounds-write-in-fast_imageb.patch
(stable-fixes CVE-2025-38685 bsc#1249220).
- Update
patches.suse/fbdev-ep93xx-fb-Do-not-assign-to-struct-fb_info.dev.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53314
bsc#1250065).
- Update
patches.suse/fbdev-fix-potential-buffer-overflow-in-do_register_f.patch
(stable-fixes CVE-2025-38702 bsc#1249254).
- Update
patches.suse/fbdev-imxfb-Removed-unneeded-release_mem_region.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53448
bsc#1250873).
- Update
patches.suse/firewire-net-fix-use-after-free-in-fwnet_finis.patch
(bsc#1012628 CVE-2023-53432 bsc#1250426).
- Update
patches.suse/firmware-stratix10-svc-Fix-a-potential-resource.patch
(bsc#1012628 CVE-2023-53255 bsc#1249762).
- Update
patches.suse/fs-jfs-Fix-UBSAN-array-index-out-of-bounds-in-d.patch
(bsc#1012628 CVE-2023-53485 bsc#1250872).
- Update
patches.suse/fs-ntfs3-Enhance-sanity-check-while-generating.patch
(bsc#1012628 CVE-2023-53328 bsc#1249952).
- Update
patches.suse/hfs-fix-slab-out-of-bounds-in-hfs_bnode_read.patch
(git-fixes CVE-2025-38715 bsc#1249196).
- Update
patches.suse/hfsplus-don-t-use-BUG_ON-in-hfsplus_create_attributes_file.patch
(git-fixes CVE-2025-38712 bsc#1249194).
- Update
patches.suse/hfsplus-fix-slab-out-of-bounds-in-hfsplus_bnode_read.patch
(git-fixes CVE-2025-38714 bsc#1249260).
- Update
patches.suse/hfsplus-fix-slab-out-of-bounds-read-in-hfsplus_uni2asc.patch
(git-fixes CVE-2025-38713 bsc#1249200).
- Update
patches.suse/hsr-Fix-uninit-value-access-in-fill_frame_info.patch
(bsc#1220419 CVE-2023-53462 bsc#1250878).
- Update
patches.suse/hwmon-pmbus_core-Fix-NULL-pointer-dereference.patch
(bsc#1012628 CVE-2023-53206 bsc#1249679).
- Update
patches.suse/ibmvnic-Do-not-reset-dql-stats-on-NON_FATAL-err.patch
(bsc#1012628 CVE-2023-53463 bsc#1250867).
- Update
patches.suse/ice-Block-switchdev-mode-when-ADQ-is-active-an.patch
(bsc#1012628 CVE-2023-53442 bsc#1250201).
- Update
patches.suse/icmp6-Fix-null-ptr-deref-of-ip6_null_entry-rt6i.patch
(bsc#1012628 CVE-2023-53343 bsc#1250022).
- Update
patches.suse/igb-Fix-igb_down-hung-on-surprise-removal.patch
(bsc#1012628 CVE-2023-53148 bsc#1249842).
- Update
patches.suse/iio-imu-bno055-fix-OOB-access-of-hw_xlate-array.patch
(git-fixes CVE-2025-39719 bsc#1249271).
- Update
patches.suse/io_uring-wait-interruptibly-for-request-complet.patch
(bsc#1012628 CVE-2023-53461 bsc#1250941).
- Update
patches.suse/iommu-amd-iommu_v2-Fix-pasid_state-refcount-dec-hit-.patch
(git-fixes CVE-2023-53501 bsc#1250815).
- Update
patches.suse/iommu-arm-smmu-qcom-Add-SM6115-MDSS-compatible.patch
(git-fixes CVE-2025-39739 bsc#1249542).
- Update
patches.suse/ip6mr-Fix-skb_under_panic-in-ip6mr_cache_repor.patch
(bsc#1012628 CVE-2023-53365 bsc#1249988).
- Update
patches.suse/ipv6-addrconf-fix-a-potential-refcount-underflo.patch
(bsc#1012628 CVE-2023-53189 bsc#1249894).
- Update
patches.suse/jbd2-check-jh-b_transaction-before-removing-it-from-.patch
(bsc#1214953 CVE-2023-53526 bsc#1250928).
- Update patches.suse/jfs-Regular-file-corruption-check.patch
(git-fixes CVE-2025-38698 bsc#1249255).
- Update
patches.suse/jfs-jfs_dmap-Validate-db_l2nbperpage-while-moun.patch
(bsc#1012628 CVE-2023-53222 bsc#1249864).
- Update
patches.suse/jfs-truncate-good-inode-pages-when-hard-link-is-0.patch
(git-fixes CVE-2025-39743 bsc#1249489).
- Update
patches.suse/jfs-upper-bound-check-of-tree-index-in-dbAllocAG.patch
(git-fixes CVE-2025-38697 bsc#1249257).
- Update
patches.suse/kobject-Add-sanity-check-for-kset-kobj.ktype-in-kset.patch
(git-fixes CVE-2023-53480 bsc#1250861).
- Update patches.suse/lwt-Fix-return-values-of-BPF-xmit-ops.patch
(jsc#PED-6811 CVE-2023-53338 bsc#1250074).
- Update
patches.suse/mISDN-hfcpci-Fix-warning-when-deleting-uninitialized.patch
(git-fixes CVE-2025-39833 bsc#1250028).
- Update
patches.suse/macvlan-add-forgotten-nla_policy-for-IFLA_MACVL.patch
(bsc#1012628 CVE-2023-53516 bsc#1250918).
- Update
patches.suse/md-raid10-check-slab-out-of-bounds-in-md_bitmap.patch
(bsc#1012628 CVE-2023-53357 bsc#1249994).
- Update
patches.suse/md-raid10-fix-null-ptr-deref-of-mreplace-in-rai.patch
(bsc#1012628 CVE-2023-53380 bsc#1250198).
- Update
patches.suse/md-raid10-fix-wrong-setting-of-max_corr_read_er.patch
(bsc#1012628 CVE-2023-53313 bsc#1249911).
- Update
patches.suse/md-raid10-prevent-soft-lockup-while-flush-write.patch
(bsc#1012628 CVE-2023-53151 bsc#1249865).
- Update
patches.suse/md-raid5-cache-fix-null-ptr-deref-for-r5l_flush_stri-0d0b.patch
(jsc#PED-7542 CVE-2023-53210 bsc#1249673).
- Update
patches.suse/media-az6007-Fix-null-ptr-deref-in-az6007_i2c_xfer.patch
(git-fixes CVE-2023-53220 bsc#1250337).
- Update
patches.suse/media-dvb-frontends-dib7090p-fix-null-ptr-deref-in-d.patch
(stable-fixes CVE-2025-38694 bsc#1249272).
- Update
patches.suse/media-dvb-frontends-w7090p-fix-null-ptr-deref-in-w70.patch
(stable-fixes CVE-2025-38693 bsc#1249190).
- Update
patches.suse/media-hi846-fix-usage-of-pm_runtime_get_if_in_u.patch
(bsc#1012628 CVE-2023-53177 bsc#1249849).
- Update
patches.suse/media-ipu-bridge-Fix-null-pointer-deref-on-SSDB-PLD-.patch
(git-fixes CVE-2023-53336 bsc#1250073).
- Update
patches.suse/media-mdp3-Fix-resource-leaks-in-of_find_device_by_n.patch
(git-fixes CVE-2023-53385 bsc#1250319).
- Update
patches.suse/media-platform-mediatek-vpu-fix-NULL-ptr-deref.patch
(bsc#1012628 CVE-2023-53425 bsc#1250290).
- Update
patches.suse/media-rainshadow-cec-fix-TOCTOU-race-condition-in-ra.patch
(git-fixes CVE-2025-39713 bsc#1249321).
- Update
patches.suse/media-usbtv-Lock-resolution-while-streaming.patch
(git-fixes CVE-2025-39714 bsc#1249273).
- Update
patches.suse/media-uvcvideo-Fix-1-byte-out-of-bounds-read-in-uvc_.patch
(git-fixes CVE-2025-38680 bsc#1249203).
- Update
patches.suse/media-v4l2-mem2mem-add-lock-to-protect-paramet.patch
(bsc#1012628 CVE-2023-53519 bsc#1250964).
- Update
patches.suse/media-venus-Add-a-check-for-packet-size-after-readin.patch
(git-fixes CVE-2025-39710 bsc#1249304).
- Update
patches.suse/media-venus-protect-against-spurious-interrupts-duri.patch
(git-fixes CVE-2025-39709 bsc#1249278).
- Update
patches.suse/mlxsw-minimal-fix-potential-memory-leak-in-mlxs.patch
(bsc#1012628 CVE-2023-53195 bsc#1249761).
- Update
patches.suse/mm-kmem-fix-a-NULL-pointer-dereference-in-obj_.patch
(bsc#1012628 CVE-2023-53401 bsc#1250120).
- Update
patches.suse/mm-move-page-table-sync-declarations-to-linux-pgtabl.patch
(git-fixes CVE-2025-39844 bsc#1250268).
- Update
patches.suse/mm-ptdump-take-the-memory-hotplug-lock-inside-ptdump_walk_.patch
(git-fixes CVE-2025-38681 bsc#1249204).
- Update
patches.suse/modpost-fix-off-by-one-in-is_executable_section.patch
(bsc#1012628 CVE-2023-53397 bsc#1250125).
- Update patches.suse/mptcp-fix-disconnect-vs-accept-race.patch
(bsc#1012628 CVE-2023-53490 bsc#1250827).
- Update
patches.suse/msft-hv-3329-hv_netvsc-Fix-panic-during-namespace-deletion-with-V.patch
(bsc#1248111 CVE-2025-38683 bsc#1249159).
- Update
patches.suse/mtd-rawnand-stm32_fmc2-avoid-overlapping-mappings-on.patch
(git-fixes CVE-2025-39907 bsc#1250713).
- Update
patches.suse/net-dcb-choose-correct-policy-to-parse-DCB_ATT.patch
(bsc#1012628 CVE-2023-53369 bsc#1250206).
- Update
patches.suse/net-dsa-Removed-unneeded-of_node_put-in-felix_p.patch
(bsc#1012628 CVE-2023-53170 bsc#1249850).
- Update
patches.suse/net-ena-fix-shift-out-of-bounds-in-exponential-.patch
(bsc#1012628 CVE-2023-53272 bsc#1249917).
- Update
patches.suse/net-ethernet-mvpp2_main-fix-possible-OOB-write-in-mv.patch
(git-fixes CVE-2023-53495 bsc#1250907).
- Update
patches.suse/net-fix-net_dev_start_xmit-trace-event-vs-skb_t.patch
(bsc#1012628 CVE-2023-53312 bsc#1250063).
- Update
patches.suse/net-marvell-prestera-fix-handling-IPv4-routes-.patch
(bsc#1012628 CVE-2023-53342 bsc#1250029).
- Update
patches.suse/net-microchip-vcap-api-Fix-possible-memory-leak-for-.patch
(git-fixes CVE-2023-53303 bsc#1249896).
- Update
patches.suse/net-mlx5-Unregister-devlink-params-in-case-int.patch
(bsc#1012628 CVE-2023-53507 bsc#1250808).
- Update
patches.suse/net-mlx5e-fix-memory-leak-in-mlx5e_fs_tt_redire.patch
(bsc#1012628 CVE-2023-53371 bsc#1250112).
- Update
patches.suse/net-mlx5e-xsk-Fix-crash-on-regular-rq-reactiva.patch
(bsc#1012628 CVE-2023-53394 bsc#1250199).
- Update
patches.suse/net-rose-convert-use-field-to-refcount_t.patch
(git-fixes CVE-2025-39826 bsc#1250203).
- Update
patches.suse/net-rose-include-node-references-in-rose_neigh-refco.patch
(git-fixes CVE-2025-39827 bsc#1250204).
- Update
patches.suse/net-usb-asix_devices-Fix-PHY-address-mask-in-MDIO-bu.patch
(git-fixes CVE-2025-38736 bsc#1249318).
- Update
patches.suse/net-usb-asix_devices-add-phy_mask-for-ax88772-mdio-b.patch
(git-fixes CVE-2025-38725 bsc#1249170).
- Update
patches.suse/netfilter-conntrack-dccp-copy-entire-header-to-.patch
(CVE-2023-39197 bsc#1012628 bsc#1216976 CVE-2023-53333
bsc#1249949).
- Update
patches.suse/netfilter-ipset-add-the-missing-IP_SET_HASH_WITH_NET.patch
(CVE-2023-42753 bsc#1215150 CVE-2023-53179 bsc#1249825).
- Update
patches.suse/netfilter-nf_tables-do-not-ignore-genmask-when-.patch
(bsc#1012628 CVE-2023-31248 bsc#1213061 CVE-2023-53492
bsc#1250823).
- Update
patches.suse/netfilter-nft_set_rbtree-fix-overlap-expiration.patch
(bsc#1012628 CVE-2023-53304 bsc#1249923).
- Update
patches.suse/netlink-avoid-infinite-retry-looping-in-netlink_unic.patch
(CVE-2025-38465 bsc#1247118 CVE-2025-38727 bsc#1249166).
- Update
patches.suse/nfsd-handle-get_client_locked-failure-in-nfsd4_setclientid_confirm.patch
(git-fixes CVE-2025-38724 bsc#1249169).
- Update
patches.suse/nilfs2-fix-use-after-free-of-nilfs_root-in-dir.patch
(bsc#1012628 CVE-2023-53311 bsc#1250062).
- Update
patches.suse/ntfs-Fix-panic-about-slab-out-of-bounds-caused-.patch
(bsc#1012628 CVE-2023-53420 bsc#1250186).
- Update
patches.suse/nubus-Partially-revert-proc_create_single_data-.patch
(bsc#1012628 CVE-2023-53217 bsc#1249672).
- Update
patches.suse/null_blk-fix-poll-request-timeout-handling.patch
(bsc#1216436 CVE-2023-53531 bsc#1250931).
- Update
patches.suse/ovl-fix-null-pointer-dereference-in-ovl_permiss.patch
(bsc#1012628 CVE-2023-53260 bsc#1249768).
- Update
patches.suse/pNFS-Fix-uninited-ptr-deref-in-block-scsi-layout.patch
(git-fixes CVE-2025-38691 bsc#1249215).
- Update
patches.suse/pcmcia-Add-error-handling-for-add_interval-in-do_val.patch
(git-fixes CVE-2025-39920 bsc#1250732).
- Update
patches.suse/pcmcia-Fix-a-NULL-pointer-dereference-in-__iodyn_fin.patch
(git-fixes CVE-2025-39846 bsc#1250263).
- Update
patches.suse/phy-hisilicon-Fix-an-out-of-bounds-check-in-his.patch
(bsc#1012628 CVE-2023-53238 bsc#1249707).
- Update
patches.suse/powercap-arm_scmi-Remove-recursion-while-parsing-zon.patch
(git-fixes CVE-2023-53428 bsc#1250167).
- Update
patches.suse/powerpc-rtas_flash-allow-user-copy-to-flash-bl.patch
(bsc#1012628 bsc#1194869 CVE-2023-53487 bsc#1250830).
- Update
patches.suse/pstore-ram-Check-start-of-empty-przs-during-init.patch
(git-fixes CVE-2023-53331 bsc#1249950).
- Update
patches.suse/pwm-lpc32xx-Remove-handling-of-PWM-channels.patch
(git-fixes CVE-2023-53472 bsc#1250841).
- Update
patches.suse/rcu-rcuscale-Stop-kfree_scale_thread-thread-s-a.patch
(bsc#1012628 CVE-2023-53291 bsc#1249926).
- Update
patches.suse/regulator-da9063-better-fix-null-deref-with-pa.patch
(bsc#1012628 CVE-2023-53364 bsc#1249984).
- Update
patches.suse/s390-ism-fix-concurrency-management-in-ism_cmd.patch
(git-fixes bsc#1248735 CVE-2025-39726 bsc#1249266).
- Update patches.suse/s390-sclp-Fix-SCCB-present-check.patch
(git-fixes bsc#1249123 CVE-2025-39694 bsc#1249299).
- Update
patches.suse/sched-fair-Don-t-balance-task-to-its-current-ru.patch
(bsc#1012628 CVE-2023-53215 bsc#1250397).
- Update
patches.suse/scsi-core-Fix-possible-memory-leak-if-device_a.patch
(bsc#1012628 CVE-2023-53174 bsc#1250024).
- Update
patches.suse/scsi-lpfc-Check-for-hdwq-null-ptr-when-cleaning-up-l.patch
(bsc#1245260 bsc#1243100 bsc#1246125 CVE-2025-38695
bsc#1249285).
- Update
patches.suse/scsi-qla2xxx-Fix-potential-NULL-pointer-derefer.patch
(bsc#1012628 CVE-2023-53451 bsc#1250831).
- Update
patches.suse/scsi-qla2xxx-Pointer-may-be-dereferenced.patch
(bsc#1012628 CVE-2023-53150 bsc#1249853).
- Update
patches.suse/scsi-qla2xxx-Remove-unused-nvme_ls_waitq-wait-q.patch
(bsc#1012628 CVE-2023-53280 bsc#1249938).
- Update
patches.suse/scsi-qla2xxx-Use-raw_smp_processor_id-instead-of-smp.patch
(bsc#1214928 jsc#PED-5063 CVE-2023-53530 bsc#1250949).
- Update
patches.suse/scsi-qla2xxx-Wait-for-io-return-on-terminate-rp.patch
(bsc#1012628 CVE-2023-53322 bsc#1250323).
- Update
patches.suse/scsi-qla4xxx-Add-length-check-when-parsing-nlattrs.patch
(git-fixes CVE-2023-53456 bsc#1250765).
- Update
patches.suse/scsi-snic-Fix-possible-memory-leak-if-device_a.patch
(bsc#1012628 CVE-2023-53436 bsc#1250156).
- Update
patches.suse/scsi-storvsc-Fix-handling-of-virtual-Fibre-Cha.patch
(bsc#1012628 CVE-2023-53245 bsc#1249641).
- Update patches.suse/scsi-ufs-core-Fix-handling-of-lrbp-cmd.patch
(bsc#1012628 CVE-2023-53510 bsc#1250812).
- Update patches.suse/serial-8250-fix-panic-due-to-PSLVERR.patch
(git-fixes CVE-2025-39724 bsc#1249265).
- Update
patches.suse/shmem-use-ramfs_kill_sb-for-kill_sb-method-of-r.patch
(bsc#1012628 CVE-2023-53391 bsc#1250117).
- Update
patches.suse/skbuff-skb_segment-Call-zero-copy-functions-before-u.patch
(bsc#1220419 CVE-2023-53354 bsc#1250004).
- Update
patches.suse/smb-client-fix-warning-in-cifs_smb3_do_mount.patch
(bsc#1012628 CVE-2023-53230 bsc#1249866).
- Update
patches.suse/soundwire-qcom-fix-storing-port-config-out-of-b.patch
(bsc#1012628 CVE-2023-53465 bsc#1250863).
- Update
patches.suse/start_kernel-Add-__no_stack_protector-function-.patch
(bsc#1012628 CVE-2023-53491 bsc#1250942).
- Update
patches.suse/thunderbolt-Fix-memory-leak-in-tb_handle_dp_ba.patch
(bsc#1012628 CVE-2023-53527 bsc#1250929).
- Update
patches.suse/tls-separate-no-async-decryption-request-handling-fr.patch
(CVE-2024-26584 bsc#1220186 CVE-2024-58240 bsc#1248847).
- Update
patches.suse/tracing-Fix-null-pointer-dereference-in-tracing.patch
(bsc#1012628 CVE-2023-53167 bsc#1249712).
- Update
patches.suse/tracing-Fix-race-issue-between-cpu-buffer-write-and-swap.patch
(git-fixes CVE-2023-53368 bsc#1249979).
- Update
patches.suse/ublk-fail-to-recover-device-if-queue-setup-is-i.patch
(bsc#1012628 CVE-2023-53207 bsc#1249678).
- Update
patches.suse/ublk-fail-to-start-device-if-queue-setup-is-int.patch
(bsc#1012628 CVE-2023-53508 bsc#1250809).
- Update
patches.suse/udf-Fix-uninitialized-array-access-for-some-pat.patch
(bsc#1012628 CVE-2023-53165 bsc#1250395).
- Update
patches.suse/usb-cdns3-Put-the-cdns-set-active-part-outside-the-s.patch
(git-fixes CVE-2023-53287 bsc#1250089).
- Update
patches.suse/usb-core-config-Prevent-OOB-read-in-SS-endpoint-comp.patch
(stable-fixes CVE-2025-39760 bsc#1249598).
- Update
patches.suse/usb-dwc3-Remove-WARN_ON-for-device-endpoint-command-.patch
(stable-fixes CVE-2025-39801 bsc#1250450).
- Update
patches.suse/usb-dwc3-qcom-Fix-potential-memory-leak.patch
(bsc#1012628 CVE-2023-53196 bsc#1249758).
- Update
patches.suse/usb-gadget-u_serial-Add-null-pointer-check-in-g.patch
(bsc#1012628 CVE-2023-53356 bsc#1249997).
- Update
patches.suse/usb-phy-phy-tahvo-fix-memory-leak-in-tahvo_usb_.patch
(bsc#1012628 CVE-2023-53379 bsc#1250128).
- Update
patches.suse/virtio-mmio-don-t-break-lifecycle-of-vm_dev.patch
(bsc#1012628 CVE-2023-53515 bsc#1250917).
- Update patches.suse/vxlan-Fix-nexthop-hash-size.patch
(bsc#1012628 CVE-2023-53192 bsc#1249897).
- Update
patches.suse/wifi-ath11k-fix-sleeping-in-atomic-in-ath11k_mac_op_.patch
(git-fixes CVE-2025-39732 bsc#1249292).
- Update
patches.suse/wifi-ath12k-Avoid-NULL-pointer-access-during-ma.patch
(bsc#1012628 CVE-2023-53180 bsc#1249826).
- Update
patches.suse/wifi-ath12k-Correct-tid-cleanup-when-tid-setup-fails.patch
(stable-fixes CVE-2025-39750 bsc#1249523).
- Update
patches.suse/wifi-ath12k-Decrement-TID-on-RX-peer-frag-setup-erro.patch
(stable-fixes CVE-2025-39761 bsc#1249554).
- Update
patches.suse/wifi-ath9k-don-t-allow-to-overwrite-ENDPOINT0-a.patch
(bsc#1012628 CVE-2023-53185 bsc#1249820).
- Update
patches.suse/wifi-brcmfmac-fix-use-after-free-when-rescheduling-b.patch
(git-fixes CVE-2025-39863 bsc#1250281).
- Update
patches.suse/wifi-cfg80211-fix-use-after-free-in-cmp_bss.patch
(git-fixes CVE-2025-39864 bsc#1250242).
- Update
patches.suse/wifi-cfg80211-sme-cap-SSID-length-in-__cfg80211_conn.patch
(git-fixes CVE-2025-39849 bsc#1250266).
- Update
patches.suse/wifi-iwlwifi-pcie-fix-NULL-pointer-dereference-.patch
(bsc#1012628 CVE-2023-53251 bsc#1249730).
- Update
patches.suse/wifi-mac80211-check-S1G-action-frame-size.patch
(git-fixes CVE-2023-53257 bsc#1249869).
- Update
patches.suse/wifi-mac80211_hwsim-Fix-possible-NULL-dereferen.patch
(bsc#1012628 CVE-2023-53209 bsc#1249856).
- Update patches.suse/wifi-mac80211_hwsim-drop-short-frames.patch
(git-fixes CVE-2023-53321 bsc#1250313).
- Update
patches.suse/wifi-mwifiex-Fix-OOB-and-integer-underflow-when-rx-p.patch
(git-fixes CVE-2023-53226 bsc#1249658).
- Update
patches.suse/wifi-mwifiex-Initialize-the-chan_stats-array-to-zero.patch
(git-fixes CVE-2025-39891 bsc#1250712).
- Update
patches.suse/wifi-mwifiex-avoid-possible-NULL-skb-pointer-derefer.patch
(git-fixes CVE-2023-53384 bsc#1250127).
- Update
patches.suse/x86-MCE-Always-save-CS-register-on-AMD-Zen-IF-Poison-error.patch
(git-fixes CVE-2023-53438 bsc#1250180).
- Update
patches.suse/x86-mm-64-define-ARCH_PAGE_TABLE_SYNC_MASK-and-arch_.patch
(git-fixes CVE-2025-39845 bsc#1250262).
- Update
patches.suse/x86-platform-uv-Use-alternate-source-for-socket-to-n.patch
(bsc#1215696 CVE-2023-53496 bsc#1250905).
- Update
patches.suse/xfrm-add-NULL-check-in-xfrm_update_ae_params.patch
(bsc#1012628 bsc#1213666 CVE-2023-3772 CVE-2023-53147
bsc#1249880).
- Update
patches.suse/xfrm-fix-slab-use-after-free-in-decode_session.patch
(bsc#1012628 CVE-2023-53500 bsc#1250816).
- Update
patches.suse/xsk-Fix-xsk_diag-use-after-free-error-during-socket-.patch
(bsc#1220419 CVE-2023-53426 bsc#1250166).
- commit ee10a6d
- i40e: Fix potential invalid access when MAC list is empty (CVE-2025-39853 bsc#1250275)
- commit 4246fc5
- RDMA/siw: Always report immediate post SQ errors (git-fixes)
- commit c1b6a15
- RDMA/rxe: Fix race in do_task() when draining (git-fixes)
- commit 650fcb3
- IB/sa: Fix sa_local_svc_timeout_ms read race (git-fixes)
- commit ced2c38
- RDMA/core: Resolve MAC of next-hop device without ARP support (git-fixes)
- commit 9a8b6d9
- RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes)
- commit 99220cf
- RDMA/mlx5: Fix vport loopback forcing for MPV device (git-fixes)
- commit aced925
- RDMA/mlx5: Better estimate max_qp_wr to reflect WQE count (git-fixes)
- commit 665905d
- bus: mhi: host: Do not use uninitialized 'dev' pointer in
mhi_init_irq_setup() (git-fixes).
- iio: imu: inv_icm42600: Drop redundant pm_runtime
reinitialization in resume (git-fixes).
- iio: consumers: Fix offset handling in
iio_convert_raw_to_processed() (git-fixes).
- iio: dac: ad5421: use int type to store negative error codes
(git-fixes).
- iio: dac: ad5360: use int type to store negative error codes
(git-fixes).
- iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE
(git-fixes).
- iio: frequency: adf4350: Fix prescaler usage (git-fixes).
- iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).
- iio: xilinx-ams: Unmask interrupts after updating alarms
(git-fixes).
- misc: genwqe: Fix incorrect cmd field being reported in error
(git-fixes).
- uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).
- thunderbolt: Compare HMAC values in constant time (git-fixes).
- usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure
calls (git-fixes).
- usb: host: max3421-hcd: Fix error pointer dereference in probe
cleanup (git-fixes).
- tty: n_gsm: Don't block input queue by waiting MSC (git-fixes).
- serial: max310x: Add error checking in probe() (git-fixes).
- mtd: rawnand: omap2: fix device leak on probe failure
(git-fixes).
- HID: intel-ish-ipc: Remove redundant ready check after timeout
function (git-fixes).
- hwrng: ks-sa - fix division by zero in ks_sa_rng_init
(git-fixes).
- crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs
(git-fixes).
- crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).
- crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).
- crypto: hisilicon/qm - check whether the input function and
PF are on the same device (git-fixes).
- hwrng: nomadik - add ARM_AMBA dependency (git-fixes).
- crypto: keembay - Add missing check after sg_nents_for_len()
(git-fixes).
- commit 6795b42
- drivers/base/node: fix double free in register_one_node()
(git-fixes).
- commit 205d070
- net: nfc: nci: Add parameter validation for packet data
(git-fixes).
- net: usb: Remove disruptive netif_wake_queue in
rtl8150_set_multicast (git-fixes).
- wifi: ath11k: HAL SRNG: don't deinitialize and re-initialize
again (git-fixes).
- wifi: ath10k: avoid unnecessary wait for service ready message
(git-fixes).
- wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()
(git-fixes).
- wifi: rtw89: avoid circular locking dependency in
ser_state_run() (git-fixes).
- wifi: mac80211: fix Rx packet handling when pubsta information
is not available (git-fixes).
- wifi: mt76: fix potential memory leak in mt76_wmac_probe()
(git-fixes).
- wifi: mwifiex: send world regulatory domain to driver
(git-fixes).
- media: b2c2: Fix use-after-free causing by irq_check_work in
flexcop_pci_remove (git-fixes).
- media: uvcvideo: Mark invalid entities with id
UVC_INVALID_ENTITY_ID (git-fixes).
- media: i2c: mt9v111: fix incorrect type for ret (git-fixes).
- media: pci: ivtv: Add missing check after DMA map (git-fixes).
- media: cx18: Add missing check after DMA map (git-fixes).
- media: st-delta: avoid excessive stack usage (git-fixes).
- media: v4l2-subdev: Fix alloc failure check in
v4l2_subdev_call_state_try() (git-fixes).
- wifi: virt_wifi: Fix page fault on connect (stable-fixes).
- mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).
- usb: core: Add 0x prefix to quirks debug output (stable-fixes).
- commit dbb8904
- maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs
(git-fixes).
- media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes).
- media: lirc: Fix error handling in lirc_register() (git-fixes).
- media: zoran: Remove zoran_fh structure (git-fixes).
- drm/amdgpu: remove the redeclaration of variable i (git-fixes).
- drm/msm/dpu: fix incorrect type for ret (git-fixes).
- drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl()
(git-fixes).
- drm/amd/pm: Disable SCLK switching on Oland with high pixel
clocks (v3) (git-fixes).
- drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2)
(git-fixes).
- drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3)
(git-fixes).
- drm/amd/pm: Adjust si_upload_smc_data register programming (v3)
(git-fixes).
- drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes).
- drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes).
- drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes).
- drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes).
- drm/amd/display: Remove redundant semicolons (git-fixes).
- firewire: core: fix overlooked update of subsystem ABI version
(git-fixes).
- commit 2161328
- docs: admin-guide: update to current minimum pipe size default
(git-fixes).
- drivers/base/node: handle error properly in register_one_node()
(git-fixes).
- Bluetooth: ISO: don't leak skb in ISO_CONT RX (git-fixes).
- Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes).
- Bluetooth: MGMT: Fix not exposing debug UUID on
MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes).
- drm/radeon/r600_cs: clean up of dead code in r600_cs
(git-fixes).
- drm/bridge: it6505: select REGMAP_I2C (git-fixes).
- drm/panel: novatek-nt35560: Fix invalid return value
(git-fixes).
- can: rcar_can: rcar_can_resume(): fix s2ram with PSCI
(stable-fixes).
- drm/i915/backlight: Return immediately when scale() finds
invalid parameters (stable-fixes).
- commit 07504f9
- ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data()
(git-fixes).
- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free
(git-fixes).
- ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping
(git-fixes).
- ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping
(git-fixes).
- ASoC: qcom: audioreach: fix potential null pointer dereference
(git-fixes).
- ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes).
- ALSA: lx_core: use int type to store negative error codes
(git-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on more
devices (stable-fixes).
- ALSA: usb-audio: move mixer_quirks' min_mute into common quirk
(stable-fixes).
- commit 86dd099
- ALSA: usb-audio: Add DSD support for Comtrue USB Audio device
(stable-fixes).
- ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes).
- ALSA: usb-audio: Convert comma to semicolon (git-fixes).
- ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5
(stable-fixes).
- ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks
(stable-fixes).
- ALSA: usb-audio: Simplify NULL comparison in mixer_quirks
(stable-fixes).
- ALSA: usb-audio: Avoid multiple assignments in mixer_quirks
(stable-fixes).
- ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks
(stable-fixes).
- ALSA: usb-audio: Fix block comments in mixer_quirks
(stable-fixes).
- commit 929e260
- Squashfs: reject negative file sizes in squashfs_read_inode()
(git-fixes).
- commit 2f68e78
- Squashfs: add additional inode sanity checking (git-fixes).
- commit fe46811
- Squashfs: fix uninit-value in squashfs_get_parent (git-fixes).
- commit 126861e
- kbuild/modpost: Continue processing all unresolved symbols
when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655).
- commit ec0a51c
- Fix BPF selftests compilation error in bpf_iter.c (git-fixes)
Since SUSE commit 7cae2487c586, BPF selftests fails to compile.
.../tools/testing/selftests/bpf/prog_tests/bpf_iter.c: In function 'test_task_common_nocheck':
.../tools/testing/selftests/bpf/prog_tests/bpf_iter.c:231:26: error: implicit declaration of function 'gettid'; did you mean 'getgid'? [-Werror=implicit-function-declaration]
231 | skel->bss->tid = gettid();
| ^~~~~~
| getgid
Fix the BPF selftests compilation failure by:
- bpf: handle implicit declaration of function gettid in
bpf_iter.c
- Refresh
patches.suse/selftests-bpf-Clean-up-open-coded-gettid-syscall-inv.patch.
- commit 43aa317
- Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes).
- KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782 CVE-2025-38351).
- Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes).
- KVM: x86: model canonical checks more precisely (bsc#1246782 CVE-2025-38351).
- KVM: x86: Add X86EMUL_F_MSR and X86EMUL_F_DT_LOAD to aid canonical (bsc#1246782 CVE-2025-38351).
- KVM: x86: Route non-canonical checks in emulator through emulate_ops (bsc#1246782 CVE-2025-38351).
- KVM: x86: drop x86.h include from cpuid.h (bsc#1246782 CVE-2025-38351).
- KVM: x86: Bury guest_cpuid_is_amd_or_hygon() in cpuid.c (bsc#1246782 CVE-2025-38351).
- KVM: SVM: Emulate SYSENTER RIP/RSP behavior for all Intel compat (bsc#1246782 CVE-2025-38351).
- KVM: x86: Inhibit code #DBs in MOV-SS shadow for all Intel compat (bsc#1246782 CVE-2025-38351).
- KVM: x86: Apply Intel's TSC_AUX reserved-bit behavior to Intel compat (bsc#1246782 CVE-2025-38351).
- KVM: x86/pmu: Squash period for checkpointed events based on host (bsc#1246782 CVE-2025-38351).
- commit 6e28165
- Update
patches.suse/HID-asus-fix-UAF-via-HID_CLAIMED_INPUT-validation.patch
(CVE-2025-39824 bsc#1250007).
Added CVE reference
- commit 579a063
- smb: client: fix race with concurrent opens in rename(2)
(bsc#1250179, CVE-2025-39825).
- commit 4df7381
- bus: fsl-mc: Check return value of platform_get_resource()
(git-fixes).
- memory: samsung: exynos-srom: Fix of_iomap leak in
exynos_srom_probe (git-fixes).
- firmware: meson_sm: fix device leak at probe (git-fixes).
- soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS
(git-fixes).
- thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes).
- ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT
(git-fixes).
- ACPI: property: Fix buffer properties extraction for subnodes
(git-fixes).
- ACPI: processor: idle: Fix memory leak when register cpuidle
device failed (git-fixes).
- ACPICA: Fix largest possible resource descriptor index
(git-fixes).
- ACPI: debug: fix signedness issues in read/write helpers
(git-fixes).
- PM: sleep: core: Clear power.must_resume in noirq suspend
error path (git-fixes).
- PM / devfreq: mtk-cci: Fix potential error pointer dereference
in probe() (git-fixes).
- i3c: master: svc: Recycle unused IBI slot (git-fixes).
- i3c: Fix default I2C adapter timeout value (git-fixes).
- i2c: designware: Add disabling clocks when probe fails
(git-fixes).
- i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD
(git-fixes).
- pinctrl: renesas: Use int type to store negative error codes
(git-fixes).
- pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes).
- pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes).
- pinctrl: equilibrium: Remove redundant semicolons (git-fixes).
- power: supply: max77976_charger: fix constant current reporting
(git-fixes).
- power: supply: cw2015: Fix a alignment coding style issue
(git-fixes).
- mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before DAC
access (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before
INDAC access (git-fixes).
- spi: mtk-snfi: Remove redundant semicolons (git-fixes).
- spi: bcm2835: Remove redundant semicolons (git-fixes).
- regulator: scmi: Use int type to store negative error codes
(git-fixes).
- regmap: Remove superfluous check for !config in __regmap_init()
(git-fixes).
- mfd: vexpress-sysreg: Check the return value of
devm_gpiochip_add_data() (git-fixes).
- pwm: tiehrpwm: Fix corner case in clock divisor calculation
(git-fixes).
- pwm: tiehrpwm: Make code comment in .free() more useful
(git-fixes).
- pwm: berlin: Fix wrong register in suspend/resume (git-fixes).
- hwmon: (mlxreg-fan) Separate methods of fan setting coming
from different subsystems (git-fixes).
- commit e80711d
- Drop patches.suse/drm-amd-display-Disable-PSR-SU-on-eDP-panels.patch (bsc#1243112)
The patch caused a regression wrt s2idle on AMD laptops
- commit 5a5bec2
- net/smc: fix UAF on smcsk after smc_listen_out() (CVE-2025-38734
bsc#1249324).
- commit b4812d3
- Update
patches.suse/dmaengine-ti-edma-Fix-memory-allocation-size-for-que.patch
(CVE-2025-39869 bsc#1250406).
Added CVE reference
- commit 056198e
- writeback: Avoid contention on wb->list_lock when switching
inodes (kABI fixup) (bsc#1237776).
- commit 883c841
- netfilter: ctnetlink: remove refcounting in expectation dumpers
(CVE-2025-39764 bsc#1249513).
- commit 09ba55b
- net/sched: Make cake_enqueue return NET_XMIT_CN when past
buffer_limit (CVE-2025-39766 bsc#1249510).
- commit c0189b7
- net/sched: Fix backlog accounting in qdisc_dequeue_internal
(CVE-2025-39677 bsc#1249300).
- commit 3cfca22
- tls: handle data disappearing from under the TLS ULP
(CVE-2025-38616 bsc#1248512).
- tls: fix lockless read of strp->msg_ready in ->poll
(CVE-2025-38616 bsc#1248512).
- commit 8c223c9
- cifs: prevent NULL pointer dereference in UTF16 conversion
(bsc#1250365, CVE-2025-39838).
- commit 9718aa1
- scsi: core: ufs: Fix a hang in the error handler (CVE-2025-38119
bsc#1245700).
- commit 43675ce
- writeback: Avoid excessively long inode switching times
(bsc#1237776).
- commit 77817f2
- writeback: Avoid softlockup when switching many inodes
(bsc#1237776).
- commit 9ecba0d
- writeback: Avoid contention on wb->list_lock when switching
inodes (bsc#1237776).
- commit a591614
- bpftool: Fix JSON writer resource leak in version command
(git-fixes).
- commit d19e155
- EDAC/i10nm: Skip DIMM enumeration on a disabled memory
controller (git-fixes).
- commit 45a7726
- sched/rt: Fix race in push_rt_task (CVE-2025-38234 bsc#1246057)
- commit 36ede09
- sched/core: Prevent rescheduling when interrupts are disabled (CVE-2024-58090 bsc#1240324)
- commit 5da028c
- xfs: do not propagate ENODATA disk errors into xattr code
(bsc#1250025 CVE-2025-39835).
- commit 78d977d
- ocfs2: fix recursive semaphore deadlock in fiemap call
(bsc#1250407 CVE-2025-39885).
- ocfs2: prevent release journal inode after journal shutdown
(bsc#1250267 CVE-2025-39842).
- commit 3a5de55
- mm/smaps: fix race between smaps_hugetlb_range and migration
(CVE-2025-39754 bsc#1249524).
- commit 313ab7a
- seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer
replies too fast (git-fixes).
- commit fb88d9d
- tty: hvc_console: Call hvc_kick in hvc_write unconditionally
(bsc#1230062).
- commit 3702f36
- afs: Fix potential null pointer dereference in afs_put_server
(git-fixes).
- commit 3a230bf
- net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (CVE-2025-39857 bsc#1250251)
- commit 7481e31
- selftests/cpufreq: Fix cpufreq basic read and update testcases
(bsc#1250344).
- commit 83a7790
- drm/ast: Use msleep instead of mdelay for edid read
(bsc#1250530).
- commit 2fd5794
- net/sched: ets: use old 'nbands' while purging unused classes
(CVE-2025-38684 bsc#1249156).
- commit e0501b7
- KVM: x86: use array_index_nospec with indices that come from
guest (CVE-2025-39823 bsc#1250002).
- commit ecf3611
- tee: fix NULL pointer dereference in tee_shm_put (CVE-2025-39865
bsc#1250294).
- commit 3708eb2
- cpufreq: Initialize cpufreq-based invariance before subsys
(git-fixes).
- commit 9618c74
- cpufreq: tegra186: Share policy per cluster (stable-fixes).
- commit dac2616
- x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init
helper (CVE-2025-39681 bsc#1249303).
- commit 5bc51ab
- coresight: Fix memory leak in acpi_buffer->pointer
(CVE-2023-53261 bsc#1249770).
- commit 7cf7512
- soc: qcom: mdt_loader: Deal with zero e_shentsize
(CVE-2025-39787 bsc#1249545).
- soc: qcom: mdt_loader: Fix error return values in
mdt_header_valid() (CVE-2025-39787 bsc#1249545).
- commit 3946900
- i2c: riic: Allow setting frequencies lower than 50KHz
(git-fixes).
- soc: qcom: mdt_loader: Ensure we don't read past the ELF header
(CVE-2025-39787 bsc#1249545).
- commit bb8f700
- sched/isolation: Fix boot crash when maxcpus < first (git-fixes)
- commit f52d7e3
- sched/numa, mm: do not try to migrate memory to memoryless (git-fixes)
- commit d547451
- sched/fair: Remove unused parameter from sched_asym() (git-fixes)
- commit 6507dc9
- sched/fair: Take the scheduling domain into account in (git-fixes)
- commit 3d3501e
- sched/deadline: Collect sched_dl_entity initialization (git-fixes)
- commit 73df41d
- Bluetooth: MGMT: Fix possible UAFs (git-fixes).
- Refresh patches.kabi/hci_dev-centralize-extra-lock.patch.
- commit 358e9ae
- fbcon: Fix OOB access in font allocation (git-fixes).
- commit e730b01
- fbcon: fix integer overflow in fbcon_do_set_font (git-fixes).
- drm/gma500: Fix null dereference in hdmi teardown (git-fixes).
- can: peak_usb: fix shift-out-of-bounds issue (git-fixes).
- can: mcba_usb: populate ndo_change_mtu() to prevent buffer
overflow (git-fixes).
- can: sun4i_can: populate ndo_change_mtu() to prevent buffer
overflow (git-fixes).
- can: hi311x: populate ndo_change_mtu() to prevent buffer
overflow (git-fixes).
- can: etas_es58x: populate ndo_change_mtu() to prevent buffer
overflow (git-fixes).
- Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync
(git-fixes).
- Bluetooth: hci_sync: Fix hci_resume_advertising_sync
(git-fixes).
- ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx
(stable-fixes).
- net: rfkill: gpio: Fix crash due to dereferencering
uninitialized pointer (git-fixes).
- net: phy: fix phy_uses_state_machine() (git-fixes).
- wifi: wilc1000: avoid buffer overflow in WID string
configuration (stable-fixes).
- wifi: mac80211: increase scan_ies_len for S1G (stable-fixes).
- wifi: mac80211: fix incorrect type for ret (stable-fixes).
- ALSA: firewire-motu: drop EPOLLOUT from poll return values as
write is not supported (stable-fixes).
- dmaengine: mediatek: Fix a flag reuse error in
mtk_cqdma_tx_status() (git-fixes).
- commit f69acd3
- iommu/vt-d: Fix __domain_mapping()'s usage of
switch_to_super_page() (git-fixes).
- commit 9b4fa49
- net: gso: Forbid IPv6 TSO with extensions on devices with only
IPV6_CSUM (CVE-2025-39770 bsc#1249508).
- commit 8d2822a
- kabi: Restore layout of parallel_data (bsc1248343).
- commit c7e8448
- padata: Fix pd UAF once and for all (CVE-2025-38584 bsc1248343).
- commit 00470a2
- xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (CVE-2025-39797
bsc#1249608).
- commit a50d626
- xfrm: Duplicate SPI Handling (CVE-2025-39797 bsc#1249608).
- commit 313a1d3
- kernel-source.spec: Depend on python3-base for build
Both kernel-binary and kernel-docs already have this dependency.
Adding it to kernel-source makes it possible to use python in shared
build scripts.
- commit 72fdedd
- kernel-source: Do not list mkspec and its inputs as sources
(bsc#1250522).
This excludes the files from the src.rpm. The next step is to remove
these files in tar-up so that they do not get uploaded to OBS either.
As there is only one version of tar-up these files need to be removed
from all kernels.
- commit e72b8a2
- selftests: bpf: test batch lookup on array of maps with holes
(git-fixes).
- commit 6ee12a9
- bpf: skip non exist keys in generic_map_lookup_batch
(git-fixes).
- commit dcb10ca
- kABI: arm64: ftrace: Restore init_module behavior (git-fixes).
- commit 113b4db
- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)
- commit 8f9b835
- rpm: Link arch-symbols script from scripts directory.
- commit 90b2abb
- struct ci_hdrc: new member has_short_pkt_limit to end
(git-fixes).
- commit 5b5fa69
- cgroup: llist: avoid memory tears for llist_node (bsc#1247963).
- commit 854319b
- kabi: add struct cgroup_extra (bsc#1247963).
- commit 5114e86
- cgroup/rstat: Reduce cpu_lock hold time in
cgroup_rstat_flush_locked() (bsc#1247963).
- commit 2f30983
- cgroup/rstat: Optimize cgroup_rstat_updated_list()
(bsc#1247963).
- Refresh patches.kabi/kabi-add-struct-cgroup_extra.patch.
- commit 966ee8b
- btrfs: do not allow relocation of partially dropped subvolumes
(bsc#1249540 CVE-2025-39738).
- commit 60a9a58
- crypto: qat - add shutdown handler to qat_c3xxx (git-fixes).
- commit 562553d
- crypto: qat - add shutdown handler to qat_c62x (git-fixes).
- commit 95c669b
- rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes)
- commit bc7d88d
- rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494 CVE-2025-39744)
- commit ef20792
- rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533 CVE-2025-39749)
- commit 2b090f5
- use uniform permission checks for all mount propagation changes
(git-fixes).
- commit 4b14435
- rcu/exp: Handle RCU expedited grace period kworker allocation (git-fixes)
- commit 7737606
- rcu/exp: Fix RCU expedited parallel grace period kworker (git-fixes)
- commit 19ee671
- crypto: qat - add shutdown handler to qat_dh895xcc (git-fixes).
- commit 7ca55c2
- usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_CC[12]
(git-fixes).
- commit 61574e5
- rpm: Link guards script from scripts directory.
- commit e19a893
- usb: typec: maxim_contaminant: re-enable cc toggle if cc is
open and port is clean (git-fixes).
- commit d3067ea
- usb: typec: maxim_contaminant: disable low power mode when
reading comparator values (git-fixes).
- commit f661b59
- usb: typec: tcpm/tcpci_maxim: fix non-contaminant CC handling
(git-fixes).
- commit 38cd076
- usb: typec: tcpm/tcpci_maxim: use GENMASK() for
TCPC_VENDOR_CC_CTRL2 register (git-fixes).
- commit 2b55585
- usb: dwc3: imx8mp: fix device leak at unbind (git-fixes).
- commit 5a35982
- usb: xhci: Fix invalid pointer dereference in Etron workaround
(git-fixes).
- commit a8cfeaf
- config.sh: Use Step repository for building Leap kernel
bs-upload-kernel does not understand the Leap repository layout
- commit cae4664
- usb: typec: fusb302: cache PD RX state (git-fixes).
- commit 3e6c8b0
- usb: dwc3: qcom: Don't leave BCR asserted (git-fixes).
- commit fdef7a6
- xhci: Fix control transfer error on Etron xHCI host (git-fixes).
- commit f7d6da1
- usb: chipidea: add CI_HDRC_HAS_SHORT_PKT_LIMIT flag (git-fixes).
- commit ff0fd10
- fs/nfs/io: make nfs_start_io_*() killable (git-fixes).
- commit 8cf21ec
- Delete patches.kabi/KVM-x86-Re-split-x2APIC-ICR-into-ICR-ICR2-for-AMD-x2.patch
- commit 0a00b28
- kabi: drop kvm_x86_ops from kabi relevant symbols
Since upstream commit dfc4e6ca04113 ("KVM: x86: Unexport kvm_x86_ops")
v5.18-rc1~139^2~153 kvm_x86_ops is no longer exported, so it can be
dropped from kabi checks.
- commit 4f5efb7
- kABI fix after vsock/virtio: fix `rx_bytes` accounting for
stream sockets (git-fixes).
- commit dd1042c
- platform/x86: thinkpad_acpi: Handle KCOV __init vs inline
mismatches (git-fixes).
- commit 7941d4d
- platform/mellanox: mlxbf-pmc: Validate event/enable input
(git-fixes).
- commit 7bd7d6e
- platform/mellanox: mlxbf-pmc: Remove newline char from event
name input (git-fixes).
- commit e4c52ac
- platform/x86: dell-wmi-sysman: Fix class device unregistration
(git-fixes).
- commit c3cf8fd
- platform/x86: think-lmi: Fix class device unregistration
(git-fixes).
- commit dab00ca
- netfilter: nf_reject: don't leak dst refcount for loopback
packets (CVE-2025-38732 bsc#1249262).
- commit e613385
- vhost/net: Protect ubufs with rcu read lock in
vhost_net_ubuf_put() (git-fixes).
- commit b347e0b
- vsock/virtio: Resize receive buffers so that each SKB fits in
a 4K page (git-fixes).
- commit 64aa75c
- vhost/vsock: Avoid allocating arbitrarily-sized SKBs
(git-fixes).
- commit 62a440b
- vhost: fail early when __vhost_add_used() fails (git-fixes).
- commit 9d77130
- vhost-scsi: Fix log flooding with target does not exist errors
(git-fixes).
- commit 2d6a672
- vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also
`transport_local` (git-fixes).
- commit 7139f2e
- vsock/virtio: fix `rx_bytes` accounting for stream sockets
(git-fixes).
- commit c34e345
- IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)
- commit c2e717d
- vsock: avoid timeout during connect() if the socket is closing
(git-fixes).
- commit 34796d2
- vhost-scsi: Return queue full for page alloc failures during
copy (git-fixes).
- commit 3dcf5c3
- vsock: Allow retrying on connect() failure (git-fixes).
- commit 1f9e448
- 9p/xen: fix init sequence (git-fixes).
- commit 22e0fa2
- btrfs: tree-checker: fix the incorrect inode ref size check
(git-fixes).
- commit 1a69e6a
- KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC
is active (git-fixes).
- commit 97c436d
- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting
MP_STATE (git-fixes).
- commit 1086ea1
- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists
for the guest (git-fixes).
- commit 16aecdb
- KVM: VMX: Extract checking of guest's DEBUGCTL into helper
(git-fixes).
- commit a89d774
- KVM: x86: avoid underflow when scaling TSC frequency
(git-fixes).
- commit 1dc5b36
- KVM: x86/xen: Allow 'out of range' event channel ports in IRQ
routing table (git-fixes).
- commit fc7a1db
- KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes).
- commit 75149a0
- KVM: SVM: Clear current_vmcb during vCPU free for all *possible*
CPUs (git-fixes).
- commit 221d435
- KVM: x86: Fully defer to vendor code to decide how to force
immediate exit (git-fixes).
- commit 9d7cfec
- KVM: VMX: Handle KVM-induced preemption timer exits in fastpath
for L2 (git-fixes).
- commit 4708423
- KVM: x86: Move handling of is_guest_mode() into fastpath exit
handlers (git-fixes).
- commit 80f5d63
- btrfs: fix invalid extref key setup when replaying dentry
(git-fixes).
- commit d51ea66
- KVM: VMX: Handle forced exit due to preemption timer in fastpath
(git-fixes).
- commit 1eccc09
- KVM: VMX: Re-enter guest in fastpath for "spurious" preemption
timer exits (git-fixes).
- commit e920f78
- KVM: x86: Plumb "force_immediate_exit" into kvm_entry()
tracepoint (git-fixes).
- commit d90d7aa
- KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes).
- commit 972706e
- ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr
(bsc#1249258 CVE-2025-38701).
- commit f3682c5
- fs/buffer: fix use-after-free when call bh_read() helper
(bsc#1249374 CVE-2025-39691).
- jbd2: prevent softlockup in jbd2_log_do_checkpoint()
(bsc#1249526 CVE-2025-39782).
- loop: Avoid updating block size under exclusive owner
(bsc#1249199 CVE-2025-38709).
- eventpoll: Fix semi-unbounded recursion (bsc#1248392
CVE-2025-38614).
- commit fc4be97
- PCI: Extend isolated function probing to LoongArch (git-fixes).
- commit d35f4c9
- compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes).
- commit bf93f6c
- x86/cpu: Add model number for Intel Clearwater Forest processor
(git-fixes).
- commit 7c8efd9
- wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data()
(git-fixes).
- commit a72bcdf
- xen/netfront: Fix TX response spurious interrupts (git-fixes).
- commit 5e0ce6f
- KVM: s390: Fix incorrect usage of mmu_notifier_register()
(git-fixes bsc#1250336).
- commit 64b94c2
- xen/gntdev: remove struct gntdev_copy_batch from stack
(git-fixes).
- commit 13539ce
- wireless: purelifi: plfxlc: fix memory leak in
plfxlc_usb_wreq_asyn() (git-fixes).
- commit 5a9e007
- xenbus: Allow PVH dom0 a non-local xenstore (git-fixes).
- commit 81be2ce
- xen: Add support for XenServer 6.1 platform device (git-fixes).
- commit a4daef0
- kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963).
- commit 05abe8b
- mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).
- commit 58bbbbb
- cgroup: remove per-cpu per-subsystem locks (bsc#1247963).
- cgroup: make css_rstat_updated nmi safe (bsc#1247963).
- cgroup: support to enable nmi-safe css_rstat_updated
(bsc#1247963).
- commit 2adc7c0
- NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).
- commit fcad211
- SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).
- commit 1f5dab1
- Revert "SUNRPC: Don't allow waiting for exiting tasks"
(git-fixes).
- commit f25412a
- flexfiles/pNFS: fix NULL checks on result of
ff_layout_choose_ds_for_read (git-fixes).
- commit 43ddf37
- NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the
server (git-fixes).
- commit da99754
- NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set
(git-fixes).
- commit 0b05e92
- NFSv4: Don't clear capabilities that won't be reset (git-fixes).
- commit f31092e
- nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/*
(git-fixes).
- commit 4438737
- mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).
- crypto: af_alg - Set merge to zero early in af_alg_sendmsg
(git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for
I2S (git-fixes).
- ASoC: qcom: audioreach: Fix lpaif_type configuration for the
I2S interface (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if
source graph failed (git-fixes).
- ASoC: wm8974: Correct PLL rate rounding (git-fixes).
- ASoC: wm8940: Correct typo in control name (git-fixes).
- ASoC: wm8940: Correct PLL rate rounding (git-fixes).
- ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in
error message (git-fixes).
- ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE()
is NULL (git-fixes).
- ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup
(git-fixes).
- drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error
path (git-fixes).
- drm: bridge: anx7625: Fix NULL pointer dereference with early
IRQ (git-fixes).
- USB: serial: option: add Telit Cinterion LE910C4-WWX new
compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion FN990A w/audio
compositions (stable-fixes).
- Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042
quirk table (stable-fixes).
- Input: iqs7222 - avoid enabling unused interrupts
(stable-fixes).
- drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at
any time (stable-fixes).
- drm/amdgpu/vcn4: Fix IB parsing with multiple engine info
packages (stable-fixes).
- mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing
(git-fixes).
- compiler-clang.h: define __SANITIZE_*__ macros only when
undefined (stable-fixes).
- i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).
- mtd: nand: raw: atmel: Fix comment in timings preparation
(stable-fixes).
- commit 60c59ef
- Drop arm64 patches that may lead to module load failure (bsc#1250057)
Deleted:
patches.suse/arm64-ftrace-fix-unreachable-PLT-for-ftrace_caller-in-init.patch
patches.kabi/kABI-arm64-ftrace-Restore-struct-mod_arch_specific-l.patch
- commit 2621bab
- xfs: rework datasync tracking and execution (bsc#1237449).
- xfs: rearrange code in xfs_inode_item_precommit (bsc#1237449).
- commit 730f72c
- habanalabs: fix UAF in export_dmabuf() (CVE-2025-38722
bsc#1249163).
- commit 5507c4a
- net: bridge: fix soft lockup in br_multicast_query_expired()
(CVE-2025-39773 bsc#1249504).
- commit 8e6b9c2
- cgroup: remove cgroup_rstat_flush_atomic() (bsc#1247963).
- commit 45cbf76
- io_uring/net: commit partial buffers on retry (CVE-2025-38730
bsc#1249172).
- commit 7b5fe24
- selftests/bpf: adapt one more case in test_lru_map to the new
target_free (git-fixes).
- commit 951807c
- Correct typos of References tags in some patches
- commit 183c46e
- selftests/bpf: Add asserts for netfilter link info (git-fixes).
- commit 443e26f
- bpf: Fix link info netfilter flags to populate defrag flag
(git-fixes).
- commit d659929
- bpf: Adjust free target to avoid global starvation of LRU map
(git-fixes).
- commit a87821b
- bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure
(git-fixes).
- commit fc9c396
- struct l2cap_chan: shift new member rx_avail to end (git-fixes).
- commit df4a4b8
- Bluetooth: compute LE flow credits based on recvbuf space
(git-fixes).
- Refresh patches.suse/Bluetooth-L2CAP-Fix-deadlock.patch.
- Refresh
patches.suse/bluetooth-l2cap-sync-sock-recv-cb-and-release.patch.
- commit 89343db
- drm/amd/pm: fix null pointer access (CVE-2025-38705
bsc#1249334).
- commit b78844e
- vsock/virtio: Validate length in packet header before skb_put()
(CVE-2025-39718 bsc#1249305).
- commit 8072632
- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)
- commit 420c073
- Bluetooth: qca: fix wcn3991 device address check (git-fixes).
- commit 9189126
- Bluetooth: qca: fix invalid device address check (git-fixes).
- commit 0795907
- wifi: ath10k: shutdown driver when hardware is unreliable
(CVE-2025-39746 bsc#1249516).
- commit b5556c6
- cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag
(stable-fixes).
- commit 9a8a959
- cpufreq: Exit governor when failed to start old governor
(stable-fixes).
- commit 39287fb
- cpufreq: Init policy->rwsem before it may be possibly used
(git-fixes).
- commit 04861e7
- cpufreq: Initialize cpufreq-based frequency-invariance later
(git-fixes).
- commit ed31199
- cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive
mode (git-fixes).
- commit 723f0f4
- cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode
(git-fixes).
- commit 662764f
- cpufreq: cppc: Fix invalid return value in .get() callback
(git-fixes).
- commit 6fc7d2a
- drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295 CVE-2025-39705)
- commit fd61b4f
- pptp: fix pptp_xmit() error path (git-fixes).
- commit 91ca931
- net, hsr: reject HSR frame if skb can't hold tag (CVE-2025-39703
bsc#1249315).
- netfilter: ctnetlink: fix refcount leak on table dump
(CVE-2025-38721 bsc#1249176).
- pptp: ensure minimal skb length in pptp_xmit() (CVE-2025-38574
bsc#1248365).
- commit a50f469
- media: venus: Fix OOB read due to missing payload bound check
(CVE-2025-38679 bsc#1249202).
- commit 8b1060a
- platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL
(CVE-2025-39678 bsc#1249290).
- commit d0b499a
- drivers/base/node: rename __register_one_node() to
register_one_node() (bsc#1241866).
- commit 806b51c
- drivers/base/node: rename register_memory_blocks_under_node()
and remove context argument (bsc#1241866).
- commit 9ef69ed
- drivers/base/node: remove register_memory_blocks_under_node()
function call from register_one_node (bsc#1241866).
- commit 2f00393
- drivers/base/node: remove register_mem_block_under_node_early()
(bsc#1241866).
- commit 02a1a4a
- drivers/base/node: optimize memory block registration to reduce
boot time (bsc#1241866).
- commit 3a0dd5e
- cpufreq: scpi: compare kHz instead of Hz (git-fixes).
- commit bd20bfa
- cpufreq: governor: Fix negative 'idle_time' handling in
dbs_update() (git-fixes).
- commit 7fc2c58
- cpufreq: Use the fixed and coherent frequency for scaling
capacity (stable-fixes).
- commit 573ea38
- power: supply: bq27xxx: restrict no-battery detection to bq27000
(git-fixes).
- power: supply: bq27xxx: fix error return in case of no bq27000
hdq battery (git-fixes).
- commit 7d4436e
- kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).
- commit 7f84dae
- arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)
- commit 06d6c63
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)
- commit d3f6628
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)
- commit faa58e2
- arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)
- commit 775e3f7
- arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)
- commit 833fcf1
- arm64: Handle KCOV __init vs inline mismatches (git-fixes)
- commit 187b48f
- arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)
- commit 8c45279
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (git-fixes).
- commit 5a86595
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)
- commit 655bf48
- arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)
- commit d929ee1
- i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)
- commit 7b11853
- tls: fix handling of zero-length records on the rx_list
(CVE-2025-39682 bsc#1249284).
- commit 409e98c
- kABI workaround for "drm/dp: Add an EDID quirk for the DPCD
register access probe" (bsc#1248121).
- commit 6cdcefb
- drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).
- commit 617e84a
- drm/dp: Add an EDID quirk for the DPCD register access probe
(bsc#1248121).
- Refresh
patches.suse/drm-Add-kabi-placeholders-to-commonly-used-structs.patch.
- commit db9d8ac
- drm/edid: Add support for quirks visible to DRM core and drivers
(bsc#1248121).
- drm/edid: Define the quirks in an enum list (bsc#1248121).
- commit bc5a858
- drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to
TRAINING_PATTERN_SET (bsc#1248121).
- commit 36a72f9
- Update patches.suse/drm-dp-Change-AUX-DPCD-probe-address-from-DPCD_REV-t.patch (bsc#1248121)
Move to the cherry-picked 6.16-rc patch, to be applied earlier
- commit 49f20a1
- netfilter: nf_tables: reject duplicate device on updates
(CVE-2025-38678 bsc#1249126).
- commit 8b40732
- Limit patch filenames to 100 characters (bsc#1249604).
- commit 8a17cff
- iommu/amd: Avoid stack buffer overflow from kernel cmdline
(CVE-2025-38676 bsc#1248775).
- commit eddb6c4
- phy: ti-pipe3: fix device leak at unbind (git-fixes).
- phy: tegra: xusb: fix device and OF node leak at probe
(git-fixes).
- dmaengine: dw: dmamux: Fix device reference leak in
rzn1_dmamux_route_allocate (git-fixes).
- dmaengine: ti: edma: Fix memory allocation size for
queue_priority_map (git-fixes).
- dmaengine: idxd: Fix double free in idxd_setup_wqs()
(git-fixes).
- dmaengine: idxd: Fix refcount underflow on module unload
(git-fixes).
- dmaengine: idxd: Remove improper idxd_free (git-fixes).
- dmaengine: qcom: bam_dma: Fix DT error handling for
num-channels/ees (git-fixes).
- serial: sc16is7xx: fix bug in flow control levels init
(git-fixes).
- USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels
(git-fixes).
- xhci: fix memory leak regression when freeing xhci vdev devices
depth first (git-fixes).
- xhci: dbc: Fix full DbC transfer ring after several reconnects
(git-fixes).
- commit 517a9a9
- regulator: sy7636a: fix lifecycle of power good gpio
(git-fixes).
- commit 519b81c
- struct cdc_ncm_ctx: hide new member filtering_supported
(git-fixes).
- commit 1152814
- drm/amdgpu: fix a memory leak in fence cleanup when unloading
(git-fixes).
- drm/i915/power: fix size for for_each_set_bit() in abox
iteration (git-fixes).
- commit 48c87c2
- drm/mediatek: fix potential OF node use-after-free (git-fixes).
- drm/amd/display: use udelay rather than fsleep (git-fixes).
- commit 9e6eea4
- net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new
compositions (git-fixes).
- net: usb: cdc-ncm: check for filtering capability (git-fixes).
- commit ce04178
- cgroup/cpuset: Use static_branch_enable_cpuslocked() on
cpusets_insane_config_key (bsc#1241166).
- commit 414381b
- s390/vfio-ap: Fix no AP queue sharing allowed message written
to kernel log (git-fixes bsc#1249488).
- commit e007691
- s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes
bsc#1249481).
- s390/pai: Deny all events not handled by this PMU (git-fixes
bsc#1249482).
- commit 85f3e91
- mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).
- mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC
buffer (git-fixes).
- can: xilinx_can: xcan_write_frame(): fix use-after-free of
transmitted SKB (git-fixes).
- can: j1939: j1939_local_ecu_get(): undo increment when
j1939_local_ecu_get() fails (git-fixes).
- can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately
when j1939_local_ecu_get() failed (git-fixes).
- can: j1939: implement NETDEV_UNREGISTER notification handler
(git-fixes).
- commit ab68e9b
- net/mlx5e: Remove skb secpath if xfrm state is not found (CVE-2025-38590 bsc#1248360)
- commit ed11350
- rcu-tasks: Maintain real-time response in (bsc#1246298)
- commit 1fbb6ff
- rcu-tasks: Eliminate deadlocks involving do_exit() and RCU (bsc#1246298)
- commit 61288e7
- smb: client: fix use-after-free in cifs_oplock_break
(bsc#1248199, CVE-2025-38527).
- commit 4692a87
- supported.conf: mark hyperv_drm as external
- net: hv_netvsc: fix loss of early receive events from host
during channel open (git-fixes).
- hv_netvsc: Fix panic during namespace deletion with VF
(bsc#1248111).
- hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open
to prevent IPv6 addrconf (git-fixes).
- commit 2985c60
- Drop PCI patches that broke kdump capture boot (bsc#1246509)
Deleted:
patches.suse/PCI-Explicitly-put-devices-into-D0-when-initializing.patch
patches.suse/PCI-PM-Set-up-runtime-PM-even-for-devices-without-PC.patch
Refreshed:
patches.suse/PCI-Support-Immediate-Readiness-on-devices-without-PM.patch
- commit 70a44f4
- netfilter: nf_tables: split async and sync catchall in two
functions (git-fixes).
- Refresh
patches.kabi/kABI-make-nft_trans_gc_catchall-public-again.patch.
- commit b907ff6
- netfilter: nf_tables: Fix entries val in rule reset audit log
(git-fixes).
- commit a8ae150
- platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious
8042 quirks list (stable-fixes).
- drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).
- drm/amd/display: Don't warn when missing DCE encoder caps
(stable-fixes).
- commit 2aad2ce
- ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4
model (stable-fixes).
- ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY
(stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on some
devices (stable-fixes).
- cpupower: Fix a bug where the -t option of the set subcommand
was not working (stable-fixes).
- cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN
(stable-fixes).
- Bluetooth: hci_sync: Avoid adding default advertising on startup
(stable-fixes).
- commit 3580eab
- ALSA: hda/realtek - Add new HP ZBook laptop with micmute led
fixup (stable-fixes).
- commit 0d08638
- ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA
(stable-fixes).
- commit 33271d8
- bpf, bpftool: Fix incorrect disasm pc (git-fixes).
- commit 4188abf
- bpf: bpftool: Setting error code in do_loader() (git-fixes).
- commit 6283bbf
- bpftool: Fix readlink usage in get_fd_type (git-fixes).
- commit ae9652c
- bpftool: fix potential NULL pointer dereferencing in prog_dump()
(git-fixes).
- commit 171c943
- bpftool: Mount bpffs when pinmaps path not under the bpffs
(git-fixes).
- commit fb91e0e
- x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).
- commit f7e4409
- x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).
- commit a5e740f
- x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).
- commit 6c7016a
- x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).
- commit 8f2342d
- kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346)
- commit 40606b5
- kABI workaround for RCU tasks exit tracking (bsc#1246298).
- commit 90e8606
- btrfs: always update fstrim_range on failure in FITRIM ioctl
(git-fixes).
- commit 8b0d717
- netfilter: nf_tables: remove catchall element in GC sync path
(git-fixes).
- Refresh
patches.kabi/kABI-make-nft_trans_gc_catchall-public-again.patch.
- commit 6c470e7
- netfilter: nf_tables: revert do not remove elements if set
backend implements .abort (git-fixes).
- commit 54e2e34
- netfilter: nf_tables: Unbreak audit log reset (git-fixes).
- commit 1d98f3d
- net/mlx5: Check device memory pointer before usage
(CVE-2025-38645 bsc#1248626).
- commit 1353943
- x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).
- commit 74f5e8a
- ceph: validate snapdirname option length when mounting (git-fixes).
- commit 3370873
- ceph: fix possible integer overflow in ceph_zero_objects() (git-fixes).
- commit 096933b
- x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails (git-fixes).
- commit 1d1b06c
- btrfs: add cancellation points to trim loops (git-fixes).
- btrfs: split remaining space to discard in chunks (git-fixes).
- btrfs: use SECTOR_SHIFT to convert physical offset to LBA
(git-fixes).
- commit 6bf77bf
- mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn
(git-fixes).
- commit 6e9d9d9
- mm/hwpoison: do not send SIGBUS to processes with recovered
clean pages (git-fixes).
- commit 34ad618
- xen: fix UAF in dmabuf_exp_from_pages() (CVE-2025-38595
bsc#1248380).
- commit 00fd621
- selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks
(git-fixes).
- selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes).
- bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).
- commit d187572
- PCI: pnv_php: Fix surprise plug detection and recovery
(CVE-2025-38623 bsc#1248610).
- commit e872ea6
- file: add take_fd() cleanup helper (CVE-2025-38595 bsc#1248380).
- commit 7ffa1d7
- drm/rockchip: vop2: fail cleanly if missing a primary plane
for a video-port (CVE-2025-38597 bsc#1248378).
- commit 7f132df
- bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622
CVE-2025-38640).
- commit b485f08
- btrfs: avoid load/store tearing races when checking if an
inode was logged (git-fixes).
- commit 60df77c
- btrfs: fix race between setting last_dir_index_offset and
inode logging (git-fixes).
- commit 9120538
- btrfs: fix race between logging inode and checking if it was
logged before (git-fixes).
- commit 84758cf
- btrfs: always abort transaction on failure to add block group
to free space tree (git-fixes).
- commit 55788e0
- btrfs: move transaction aborts to the error site in
add_block_group_free_space() (git-fixes).
- commit 1bba414
- btrfs: abort transaction on unexpected eb generation at
btrfs_copy_root() (git-fixes).
- commit 47cbfed
- isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).
Update
patches.suse/blk-mq-use-hk-cpus-only-when-isolcpus-managed_irq-is.patch
(bsc#1236897 bsc#1249206).
- commit d06c033
- btrfs: qgroup: fix race between quota disable and quota rescan
ioctl (git-fixes).
- commit 6ecd72c
- btrfs: abort transaction during log replay if walk_log_tree()
failed (git-fixes).
- commit 9ed0531
- netfilter: nf_tables: bogus ENOENT when destroying element
which does not exist (git-fixes).
- commit 1720cdf
- netfilter: nf_conntrack_bridge: initialize err to 0 (git-fixes).
- commit 37ed3f8
- netfilter: nat: fix ipv6 nat redirect with mapped and scoped
addresses (git-fixes).
- commit dc55ccf
- netfilter: xt_recent: fix (increase) ipv6 literal buffer length
(git-fixes).
- commit 9b71437
- netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx
(git-fixes).
- commit 1837d60
- netfilter: nf_tables: nft_obj_filter fits into cb->ctx
(git-fixes).
- commit 7ebf747
- netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx
(git-fixes).
- commit 94eb28c
- netfilter: nf_tables: A better name for nft_obj_filter
(git-fixes).
- commit 4e97e28
- netfilter: nf_tables: Unconditionally allocate nft_obj_filter
(git-fixes).
- commit 71527ef
- netfilter: nf_tables: Drop pointless memset in
nf_tables_dump_obj (git-fixes).
- commit 457aebd
- netfilter: nf_tables: Introduce nf_tables_getrule_single()
(git-fixes).
- commit 1f75537
- netfilter: xt_nfacct: don't assume acct name is null-terminated (CVE-2025-38639 bsc#1248674)
- commit e51b72e
- netfilter: nf_tables: Open-code audit log call in
nf_tables_getrule() (git-fixes).
- commit 05444c9
- netfilter: nft_set_rbtree: prefer sync gc to async worker
(git-fixes).
- commit 3892bab
- netfilter: nft_set_rbtree: rename gc deactivate+erase function
(git-fixes).
- commit ee5de41
- netfilter: nf_tables: Drop pointless memset when dumping rules
(git-fixes).
- commit 9da7ab8
- kABI: netfilter flowtable move gc operation to bottom
(git-fixes).
- commit 81690ca
- netfilter: flowtable: GC pushes back packets to classic path
(git-fixes).
- commit 6e4c347
- Update config files. (bsc#1249186)
Plain run_oldconfig after Kconfig update.
- commit 9d7abe4
- Refresh
patches.suse/kernel-add-product-identifying-information-to-kernel-build.patch. (bsc#1249186)
- commit 99400d5
- x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and
arch_sync_kernel_mappings() (git-fixes).
- commit 79df6a3
- mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).
- commit b0342dd
- netfilter: nf_tables: audit log object reset once per table
(git-fixes).
- commit fd6322c
- netfilter: nft_payload: fix wrong mac header matching
(git-fixes).
- commit d699ba5
- netfilter: nfnetlink_log: silence bogus compiler warning
(git-fixes).
- commit f57923e
- mm: move page table sync declarations to linux/pgtable.h
(git-fixes).
- commit 1222abb
- netfilter: nf_tables: do not remove elements if set backend
implements .abort (git-fixes).
- commit 19ebcee
- netfilter: nf_tables: Deduplicate nft_register_obj audit logs
(git-fixes).
- commit 649bcef
- kABI workaround for bluetooth discovery_state change
(CVE-2025-38593 bsc#1248357).
- commit a2afff6
- Bluetooth: hci_sync: fix double free in
'hci_discovery_filter_clear()' (CVE-2025-38593 bsc#1248357).
- Refresh patches.kabi/bluetooth-hci_dev-kabi-workaround.patch.
- commit c998281
- nouveau: fix disabling the nonstall irq due to storm code
(git-fixes).
- commit 476894d
- spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer
abort (git-fixes).
- spi: spi-fsl-lpspi: Set correct chip-select polarity bit
(git-fixes).
- spi: spi-fsl-lpspi: Fix transmissions when using CONT
(git-fixes).
- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).
- hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM
(git-fixes).
- drm/amd/amdgpu: Fix missing error return on kzalloc failure
(git-fixes).
- drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).
- pcmcia: Add error handling for add_interval() in
do_validate_mem() (git-fixes).
- pcmcia: omap: Add missing check for platform_get_resource
(git-fixes).
- pcmcia: Fix a NULL pointer dereference in
__iodyn_find_io_region() (git-fixes).
- commit 2aa7ff8
- erofs: fix atomic context detection when
!CONFIG_DEBUG_LOCK_ALLOC (git-fixes).
- commit 8bbba66
- net: drop UFO packets in udp_rcv_segment() (CVE-2025-38622
bsc#1248619).
- commit b74a30a
- kABI: adjust new field on ip_ct_sctp struct (git-fixes).
- commit b932c6f
- netfilter: handle the connecting collision properly in
nf_conntrack_proto_sctp (git-fixes).
- commit 935c934
- smb: client: fix use-after-free in crypt_message when using
async crypto (bsc#1247239, CVE-2025-38488).
- commit 4fd2db6
- HID: input: report battery status changes immediately
(git-fixes).
- HID: input: rename hidinput_set_battery_charge_status()
(stable-fixes).
- commit c8518b5
- wifi: ath12k: Pass ab pointer directly to
ath12k_dp_tx_get_encap_type() (CVE-2025-38605 bsc#1248334).
- regulator: core: fix NULL dereference on unbind due to stale
coupling data (CVE-2025-38668 bsc#1248647).
- commit 684e871
- wifi: ath11k: fix group data packet drops during rekey
(git-fixes).
- commit 8f7f429
- ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).
- wifi: cfg80211: sme: cap SSID length in
__cfg80211_connect_result() (git-fixes).
- wifi: libertas: cap SSID len in lbs_associate() (git-fixes).
- wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).
- batman-adv: fix OOB read/write in network-coding decode
(git-fixes).
- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()
(git-fixes).
- Bluetooth: vhci: Prevent use-after-free by removing debugfs
files early (git-fixes).
- mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).
- xirc2ps_cs: fix register access when enabling FullDuplex
(git-fixes).
- wifi: iwlwifi: uefi: check DSM item validity (git-fixes).
- wifi: mt76: mt7996: Initialize hdr before passing to
skb_put_data() (git-fixes).
- wifi: mwifiex: Initialize the chan_stats array to zero
(git-fixes).
- wifi: brcmfmac: fix use-after-free when rescheduling
brcmf_btcoex_info work (git-fixes).
- wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).
- HID: quirks: add support for Legion Go dual dinput modes
(stable-fixes).
- HID: hid-ntrig: fix unable to handle page fault in
ntrig_report_version() (stable-fixes).
- HID: wacom: Add a new Art Pen 2 (stable-fixes).
- Revert "drm/amdgpu: fix incorrect vm flags to map bo"
(stable-fixes).
- net: rose: fix a typo in rose_clear_routes() (git-fixes).
- net: rose: include node references in rose_neigh refcount
(git-fixes).
- net: rose: convert 'use' field to refcount_t (git-fixes).
- net: rose: split remove and free operations in
rose_remove_neigh() (stable-fixes).
- dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted
(stable-fixes).
- ASoC: codecs: tx-macro: correct tx_macro_component_drv name
(stable-fixes).
- ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list
(stable-fixes).
- HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).
- HID: mcp2221: Don't set bus speed on every transfer
(stable-fixes).
- commit c45df83
- perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442
CVE-2025-38466).
- commit 6200f52
- bpf: Properly test iter/task tid filtering (git-fixes).
- commit 7cae248
- bpf: Fix iter/task tid filtering (git-fixes).
- commit 51eef98
- wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (CVE-2025-38643 bsc#1248681)
- commit 913bce0
- netfilter: conntrack: fix extension size table (git-fixes).
- commit 3a3ec96
- netfilter: nf_tables: disallow element removal on anonymous sets
(git-fixes).
- commit ed5fdf4
- netfilter: nft_set_hash: try later when GC hits EAGAIN on
iteration (git-fixes).
- commit 1044906
- netfilter: nft_set_pipapo: stop GC iteration if GC transaction
allocation fails (git-fixes).
- commit 102d93f
- kABI: make nft_trans_gc_catchall() public again (git-fixes).
- commit a176bb1
- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync()
in catchall GC (git-fixes).
- commit d64bf79
- kABI fix for "netfilter: nf_tables: Audit log rule reset"
(git-fixes).
- commit 5173417
- netfilter: nf_tables: Audit log rule reset (git-fixes).
- commit f27562f
- [ceph] parse_longname(): strrchr() expects NUL-terminated string
(bsc#1248634 CVE-2025-38660).
- commit cc1fe76
- s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).
- s390/time: Use monotonic clock in get_cycles() (git-fixes
bsc#1249125).
- s390/stp: Remove udelay from stp_sync_clock() (git-fixes
bsc#1249124).
- hypfs_create_cpu_files(): add missing check for hypfs_mkdir()
failure (git-fixes bsc#1249122).
- commit a699d99
- Refresh
patches.kabi/kabi-s390-ism-fix-concurrency-management-in-ism_cmd.patch.
- commit e8175f3
- ext4: remove writable userspace mappings before truncating
page cache (bsc#1247223).
- commit afc4afd
- rpm: Configure KABI checkingness macro (bsc#1249186)
The value of the config should match presence of KABI reference data. If
it mismatches:
- !CONFIG & reference -> this is bug, immediate fail
- CONFIG & no reference -> OK temporarily, must be resolved eventually
- commit 23c1536
- Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186)
The motivation: there are patches.kabi/ patches that restore KABI and
they check validity of the approach with static_assert()s to prevent
accidental KABI breakage.
These asserts are invoked on each arch-flavor and they may signal false
negatives -- that is KABI restoration patch could break KABI but the
given arch-flavor defines no KABI.
The intended use is to disable the compile time checks in patches.kabi/
(but not to be confused with __GENKSYMS__ that affects how reference is
calculated).
The name is chosen so that it mimics HAVE_* macros that are not
configured manually (but is selected by an arch). In our case it's
(un)selected by build script depending on whether KABI reference is
defined for given arch-flavor and whether check is really requested by
the user. Default value is 'n' so that people building merely via
Makefile (not RPM with KABI checking) obtain consistent config.
- commit 5e4e9c5
- s390/pci: Allow automatic recovery with minimal driver support
(git-fixes bsc#1248734 LTC#214880).
- commit 3fdd470
- btrfs: fix data overwriting bug during buffered write when
block size < page size (git-fixes).
- commit d006c37
- btrfs: make found_logical_ret parameter mandatory for function
queue_scrub_stripe() (git-fixes).
- commit da7f7f5
- btrfs: scrub: fix grouping of read IO (git-fixes).
- commit bd555d2
- btrfs: scrub: avoid unnecessary csum tree search preparing
stripes (git-fixes).
- commit d485678
- btrfs: scrub: avoid unnecessary extent tree search preparing
stripes (git-fixes).
- commit a00c933
- btrfs: scrub: remove scrub_ctx::csum_list member (git-fixes).
- commit fa7dbad
- gfs2: No more self recovery (bsc#1248639 CVE-2025-38659).
- gfs2: Get rid of gfs2_glock_queue_put in signal_our_withdraw
(bsc#1248639 CVE-2025-38659).
- commit bdb1b5c
- s390/ism: fix concurrency management in ism_cmd() (git-fixes
bsc#1248735).
- commit 1005186
- usb: xhci: Apply the link chain quirk on NEC isoc endpoints
(CVE-2025-22022 bsc#1241292).
- commit 8a5182c
- usb: xhci: move link chain bit quirk checks into one helper
function (CVE-2025-22022 bsc#1241292).
- commit 4cca94b
- nvme-pci: try function level reset on init failure (git-fixes).
- commit 1ee35d9
- ice: Fix a null pointer dereference in ice_copy_and_init_pkg()
(CVE-2025-38664 bsc#1248628).
- commit 7e27b08
- s390/hypfs: Enable limited access during lockdown (git-fixes
bsc#1248733 LTC#214881).
- s390/hypfs: Avoid unnecessary ioctl registration in debugfs
(git-fixes bsc#1248733 LTC#214881).
- commit 97ff25b
- HID: core: Harden s32ton() against conversion to 0 bits (CVE-2025-38556 bsc#1248296)
- commit 1097818
- rxrpc: Fix bug due to prealloc collision (CVE-2025-38544 bsc#1248225)
- commit bc50a3d
- net: libwx: fix the using of Rx buffer DMA (CVE-2025-38533 bsc#1248200)
- commit 8863383
- ice: add NULL check in eswitch lag check (CVE-2025-38526 bsc#1248192)
- commit 7ad8c40
- rxrpc: Fix oops due to non-existence of prealloc backlog struct (CVE-2025-38514 bsc#1248202)
- commit 4ea1963
- idpf: return 0 size for RSS key if not supported (CVE-2025-38402 bsc#1247262)
- commit 1ca20ce
- remoteproc: core: Release rproc->clean_table after rproc_attach() fails (CVE-2025-38418 bsc#1247137)
- commit 14c64f1
- remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (CVE-2025-38419 bsc#1247136)
- commit 7e69a49
- genirq/irq_sim: Initialize work context pointers properly (CVE-2025-38408 bsc#1247126)
- commit a8d685c
- ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (CVE-2025-38456 bsc#1247099)
- commit 8a59cf2
- bcache: fix NULL pointer in cache_set_flush() (CVE-2025-38263 bsc#1246248)
- commit d6d8f29
- Update reference in patches.suse/lib-group_cpus-fix-NULL-pointer-dereference-from-gro.patch (CVE-2025-38255 bsc#1246190 bsc#1236897)
- commit 0bab045
- staging: media: atomisp: Fix stack buffer overflow in
gmin_get_var_int() (CVE-2025-38585 bsc#1248355).
- commit f7d8b23
- vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511
CVE-2025-38618).
- commit 0256bd0
- RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes)
- commit 5289b12
- RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes)
- commit 1ff622a
- KVM: Allow CPU to reschedule while setting per-page memory
attributes (bsc#1248186 CVE-2025-38506).
- commit a7f8a41
- slab: Decouple slab_debug and no_hash_pointers (bsc#1249022).
- commit 41f928f
- RAS/AMD/FMPM: Use atl internal.h for INVALID_SPA (bsc#1242034).
- commit ac5d9dc
- RAS/AMD/FMPM: Get masked address (bsc#1242034).
- commit 4171987
- RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034).
- commit fa3fcbb
- Update
patches.suse/Bluetooth-btnxpuart-Resolve-TX-timeout-error-in-powe.patch
(bsc#1230557 CVE-2024-58238 bsc#1242754).
- Update
patches.suse/HID-quirks-Add-quirk-for-2-Chicony-Electronics-HP-5M.patch
(stable-fixes CVE-2025-38540 bsc#1248208).
- Update
patches.suse/PCI-pnv_php-Clean-up-allocated-IRQs-on-unplug.patch
(bsc#1215199 CVE-2025-38624 bsc#1248617).
- Update
patches.suse/PM-devfreq-Check-governor-before-using-governor-name.patch
(git-fixes CVE-2025-38609 bsc#1248337).
- Update
patches.suse/RDMA-hns-Fix-double-destruction-of-rsv_qp.patch
(git-fixes CVE-2025-38582 bsc#1248349).
- Update
patches.suse/arm64-entry-Mask-DAIF-in-cpu_switch_to-call_on_irq_stack.patch
(git-fixes CVE-2025-38670 bsc#1248655).
- Update
patches.suse/btrfs-fix-assertion-when-building-free-space-tree.patch
(git-fixes CVE-2025-38503 bsc#1248183).
- Update
patches.suse/can-netlink-can_changelink-fix-NULL-pointer-deref-of.patch
(git-fixes CVE-2025-38665 bsc#1248648).
- Update
patches.suse/clk-davinci-Add-NULL-check-in-davinci_lpsc_clk_regis.patch
(git-fixes CVE-2025-38635 bsc#1248573).
- Update
patches.suse/clk-xilinx-vcu-unregister-pll_post-only-if-registere.patch
(git-fixes CVE-2025-38583 bsc#1248350).
- Update
patches.suse/comedi-aio_iiro_16-Fix-bit-shift-out-of-bounds.patch
(git-fixes CVE-2025-38529 bsc#1248196).
- Update
patches.suse/comedi-pcl812-Fix-bit-shift-out-of-bounds.patch
(git-fixes CVE-2025-38530 bsc#1248206).
- Update
patches.suse/crypto-ccp-Fix-crash-when-rebind-ccp-device-for-ccp..patch
(git-fixes CVE-2025-38581 bsc#1248345).
- Update
patches.suse/dmaengine-nbpfaxi-Fix-memory-corruption-in-probe.patch
(git-fixes CVE-2025-38538 bsc#1248213).
- Update patches.suse/drm-amd-display-Fix-vs-typos.patch
(git-fixes CVE-2024-26661 bsc#1222323).
- Update
patches.suse/drm-sched-Increment-job-count-before-swapping-tail-s.patch
(git-fixes CVE-2025-38515 bsc#1248212).
- Update
patches.suse/drm-tegra-nvdec-Fix-dma_alloc_coherent-error-check.patch
(git-fixes CVE-2025-38543 bsc#1248214).
- Update
patches.suse/fbdev-imxfb-Check-fb_add_videomode-to-prevent-null-p.patch
(git-fixes CVE-2025-38630 bsc#1248575).
- Update
patches.suse/hfsplus-remove-mutex_lock-check-in-hfsplus_free_extents.patch
(git-fixes CVE-2025-38650 bsc#1248746).
- Update
patches.suse/hwmon-corsair-cpro-Validate-the-size-of-the-received.patch
(git-fixes CVE-2025-38548 bsc#1248228).
- Update
patches.suse/i2c-qup-jump-out-of-the-loop-in-case-of-timeout.patch
(git-fixes CVE-2025-38671 bsc#1248652).
- Update
patches.suse/ipv6-fix-possible-infinite-loop-in-fib6_info_uses_de.patch
(git-fixes CVE-2025-38587 bsc#1248361).
- Update
patches.suse/ipv6-mcast-Delay-put-pmc-idev-in-mld_del_delrec.patch
(git-fixes CVE-2025-38550 bsc#1248227).
- Update
patches.suse/ipv6-prevent-infinite-loop-in-rt6_nlmsg_size.patch
(git-fixes CVE-2025-38588 bsc#1248368).
- Update
patches.suse/ipv6-reject-malicious-packets-in-ipv6_gso_segment.patch
(git-fixes CVE-2025-38572 bsc#1248399).
- Update
patches.suse/iwlwifi-Add-missing-check-for-alloc_ordered_workqueu.patch
(git-fixes CVE-2025-38602 bsc#1248341).
- Update
patches.suse/kasan-remove-kasan_find_vm_area-to-prevent-possible-.patch
(git-fixes CVE-2025-38510 bsc#1248166).
- Update
patches.suse/ksmbd-fix-out-of-bounds-read-in-smb2_sess_setup.patch
(bsc#1012628 bsc#1213545 CVE-2023-3867).
- Update
patches.suse/ksmbd-fix-wrong-next-length-validation-of-ea-b.patch
(bsc#1012628 CVE-2023-4130 bsc#1248164).
- Update patches.suse/ksmbd-validate-command-request-size.patch
(bsc#1012628 CVE-2023-4515 bsc#1248180).
- Update
patches.suse/md-make-rdev_addable-usable-for-rcu-mode.patch
(git-fixes CVE-2025-38621 bsc#1248609).
- Update
patches.suse/net-packet-fix-a-race-in-packet_set_ring-and-packet_.patch
(git-fixes CVE-2025-38617 bsc#1248621).
- Update patches.suse/net-phy-Don-t-register-LEDs-for-genphy.patch
(git-fixes CVE-2025-38537 bsc#1248229).
- Update
patches.suse/net-sched-Restrict-conditions-for-adding-duplicating.patch
(git-fixes CVE-2025-38553 bsc#1248255).
- Update
patches.suse/net-sched-mqprio-fix-stack-out-of-bounds-write-in-tc.patch
(git-fixes CVE-2025-38568 bsc#1248386).
- Update
patches.suse/nilfs2-reject-invalid-file-types-when-reading-inodes.patch
(git-fixes CVE-2025-38663 bsc#1248636).
- Update patches.suse/perf-core-Exit-early-on-perf_mmap-fail.patch
(CVE-2025-38563 bsc#1248306 dependency CVE-2025-38565
bsc#1248377).
- Update
patches.suse/phy-tegra-xusb-Fix-unbalanced-regulator-disable-in-U.patch
(git-fixes CVE-2025-38535 bsc#1248240).
- Update
patches.suse/pinctrl-qcom-msm-mark-certain-pins-as-invalid-for-in.patch
(git-fixes CVE-2025-38516 bsc#1248209).
- Update
patches.suse/pinmux-fix-race-causing-mux_owner-NULL-with-active-m.patch
(git-fixes CVE-2025-38632 bsc#1248669).
- Update
patches.suse/power-supply-cpcap-charger-Fix-null-check-for-power_.patch
(git-fixes CVE-2025-38634 bsc#1248666).
- Update
patches.suse/powercap-dtpm_cpu-Fix-NULL-pointer-dereference-in-ge.patch
(git-fixes CVE-2025-38610 bsc#1248395).
- Update
patches.suse/powerpc-eeh-Make-EEH-driver-device-hotplug-safe.patch
(bsc#1215199 CVE-2025-38576 bsc#1248354).
- Update
patches.suse/staging-fbtft-fix-potential-memory-leak-in-fbtft_fra.patch
(git-fixes CVE-2025-38612 bsc#1248390).
- Update
patches.suse/sunrpc-fix-client-side-handling-of-tls-alerts.patch
(git-fixes CVE-2025-38571 bsc#1248401).
- Update
patches.suse/sunrpc-fix-handling-of-server-side-tls-alerts.patch
(git-fixes CVE-2025-38566 bsc#1248374).
- Update
patches.suse/tls-stop-recv-if-initial-process_rx_list-gave-us-non.patch
(bsc#1221858 CVE-2024-58239 bsc#1248614).
- Update
patches.suse/usb-gadget-fix-use-after-free-in-composite_dev_clean.patch
(git-fixes CVE-2025-38555 bsc#1248297).
- Update
patches.suse/wifi-ath11k-clear-initialized-flag-for-deinit-ed-srn.patch
(git-fixes CVE-2025-38601 bsc#1248340).
- Update
patches.suse/wifi-iwlwifi-Fix-error-code-in-iwl_op_mode_dvm_start.patch
(git-fixes CVE-2025-38656 bsc#1248643).
- Update
patches.suse/wifi-mac80211-reject-TDLS-operations-when-station-is.patch
(git-fixes CVE-2025-38644 bsc#1248748).
- Update
patches.suse/wifi-mt76-mt7925-Fix-null-ptr-deref-in-mt7925_therma.patch
(git-fixes CVE-2025-38541 bsc#1248216).
- Update
patches.suse/wifi-prevent-A-MSDU-attacks-in-mesh-networks.patch
(stable-fixes CVE-2025-38512 bsc#1248178).
- Update
patches.suse/wifi-rtl818x-Kill-URBs-before-clearing-tx-status-que.patch
(git-fixes CVE-2025-38604 bsc#1248333).
- Update
patches.suse/wifi-rtw89-avoid-NULL-dereference-when-RX-problemati.patch
(git-fixes CVE-2025-38646 bsc#1248577).
- Update
patches.suse/wifi-zd1211rw-Fix-potential-NULL-pointer-dereference.patch
(git-fixes CVE-2025-38513 bsc#1248179).
- commit efc5ee0
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes).
- HID: multitouch: fix slab out-of-bounds access in
mt_report_fixup() (git-fixes).
- drm/mediatek: Fix device/node reference count leaks in
mtk_drm_get_all_drm_priv (git-fixes).
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes).
- drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes).
- drm/nouveau: remove unused memory target test (git-fixes).
- drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr
(git-fixes).
- drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes).
- drm/nouveau/disp: Always accept linear modifier (git-fixes).
- mISDN: hfcpci: Fix warning when deleting uninitialized timer
(git-fixes).
- Bluetooth: hci_sync: fix set_local_name race condition
(git-fixes).
- Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is
unbalanced (git-fixes).
- Bluetooth: hci_event: Mark connection as closed during suspend
disconnect (git-fixes).
- Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as
success (git-fixes).
- commit f54cbc7
- clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (CVE-2025-38160 bsc#1245780)
- commit f8670f7
- tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (CVE-2025-38184 bsc#1245956)
- commit 263759a
- drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (CVE-2025-38205 bsc#1246005)
- commit e09f72d
- smb: client: add NULL check in automount_fullpath (CVE-2025-38208 bsc#1245815)
- commit 04d79fb
- net: stmmac: make sure that ptp_rate is not 0 before configuring EST (CVE-2025-38125 bsc#1245710)
- commit 0fcfa4f
- pNFS: Fix disk addr range check in block/scsi layout
(git-fixes).
- commit c36ff17
- pNFS: Fix stripe mapping in block/scsi layout (git-fixes).
- commit 5bf6a36
- pNFS: Handle RPC size limit for layoutcommits (git-fixes).
- commit 36dee9f
- pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes).
- commit 8d7a7ee
- jfs: truncate good inode pages when hard link is 0 (git-fixes).
- commit 7e762b7
- jfs: Regular file corruption check (git-fixes).
- commit 4f3d801
- jfs: upper bound check of tree index in dbAllocAG (git-fixes).
- commit 997ac87
- hfs: fix slab-out-of-bounds in hfs_bnode_read() (git-fixes).
- commit 1ea8ac2
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
(git-fixes).
- commit 34d35cb
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
(git-fixes).
- commit 07b3674
- hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
(git-fixes).
- commit edddb1c
- hfs: fix not erasing deleted b-tree node issue (git-fixes).
- commit 9b06f84
- fs/orangefs: use snprintf() instead of sprintf() (git-fixes).
- commit 9e05c62
- exfat: add cluster chain loop check for dir (git-fixes).
- commit 50f0877
- drm/amdkfd: Don't call mmput from MMU notifier callback (bsc#1248217 CVE-2025-38520)
- commit c848230
- kernel-binary: Another installation ordering fix (bsc#1241353).
- commit fe14ab5
- drm/amdgpu: fix task hang from failed job submission during
process kill (git-fixes).
- commit 6aefbfc
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts
(stable-fixes).
- USB: storage: Ignore driver CD mode for Realtek multi-mode
Wi-Fi dongles (stable-fixes).
- usb: dwc3: pci: add support for the Intel Wildcat Lake
(stable-fixes).
- USB: storage: Add unusual-devs entry for Novatek NTK96550-based
camera (stable-fixes).
- usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1
Flash Drive (stable-fixes).
- rtc: ds1307: handle oscillator stop flag (OSF) for ds1341
(stable-fixes).
- rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe
(stable-fixes).
- watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek
WS0 race condition (stable-fixes).
- watchdog: dw_wdt: Fix default timeout (stable-fixes).
- watchdog: iTCO_wdt: Report error if timeout configuration fails
(stable-fixes).
- soundwire: amd: serialize amd manager resume sequence during
pm_prepare (stable-fixes).
- power: supply: qcom_battmgr: Add lithium-polymer entry
(stable-fixes).
- pwm: mediatek: Fix duty and period setting (git-fixes).
- pwm: mediatek: Handle hardware enable and clock enable
separately (stable-fixes).
- wifi: ath12k: Correct tid cleanup when tid setup fails
(stable-fixes).
- wifi: ath12k: Add memset and update default rate value in wmi
tx completion (stable-fixes).
- wifi: cfg80211: reject HTC bit for management frames
(stable-fixes).
- wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg()
for USB (stable-fixes).
- wifi: rtw89: Fix rtw89_mac_power_switch() for USB
(stable-fixes).
- wifi: rtw89: Disable deep power saving for USB/SDIO
(stable-fixes).
- wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes).
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes).
- wifi: cfg80211: Fix interface type validation (stable-fixes).
- wifi: mac80211: don't complete management TX on SAE commit
(stable-fixes).
- wifi: mac80211: fix rx link assignment for non-MLO stations
(stable-fixes).
- wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch
(stable-fixes).
- wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd()
(stable-fixes).
- wifi: iwlwifi: fw: Fix possible memory leak in
iwl_fw_dbg_collect (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in
`_rtl_pci_rx_interrupt()` (stable-fixes).
- wifi: rtlwifi: fix possible skb memory leak in
_rtl_pci_init_one_rxdesc() (stable-fixes).
- wifi: ath12k: Enable REO queue lookup table feature on QCN9274
hw2.0 (stable-fixes).
- wifi: ath12k: Decrement TID on RX peer frag setup error handling
(stable-fixes).
- wifi: mac80211: update radar_required in channel context after
channel switch (stable-fixes).
- wifi: iwlegacy: Check rate_idx range after addition
(stable-fixes).
- reset: brcmstb: Enable reset drivers for ARCH_BCM2835
(stable-fixes).
- usb: xhci: print xhci->xhc_state when queue_command failed
(stable-fixes).
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2
and Default (stable-fixes).
- usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device
Command (stable-fixes).
- usb: xhci: Avoid showing warnings for dying controller
(stable-fixes).
- usb: xhci: Avoid showing errors during surprise removal
(stable-fixes).
- usb: core: config: Prevent OOB read in SS endpoint companion
parsing (stable-fixes).
- usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present
(stable-fixes).
- usb: core: usb_submit_urb: downgrade type check (stable-fixes).
- thermal: sysfs: Return ENODATA instead of EAGAIN for reads
(stable-fixes).
- thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown
when required (stable-fixes).
- pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in
mperf_stop() (stable-fixes).
- PM: runtime: Clear power.needs_force_resume in
pm_runtime_reinit() (stable-fixes).
- PM: sleep: console: Fix the black screen issue (stable-fixes).
- PM / devfreq: governor: Replace sscanf() with kstrtoul()
in set_freq_store() (stable-fixes).
- commit 3e165bb
- net: phy: smsc: add proper reset flags for LAN8710A
(stable-fixes).
- pinctrl: stm32: Manage irq affinity settings (stable-fixes).
- phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal
(stable-fixes).
- media: v4l2-common: Reduce warnings about missing
V4L2_CID_LINK_FREQ control (stable-fixes).
- media: tc358743: Return an appropriate colorspace from
tc358743_set_fmt (stable-fixes).
- media: tc358743: Check I2C succeeded during probe
(stable-fixes).
- media: tc358743: Increase FIFO trigger level to 374
(stable-fixes).
- media: usb: hdpvr: disable zero-length read messages
(stable-fixes).
- net: phy: micrel: Add ksz9131_resume() (stable-fixes).
- net: thunderbolt: Enable end-to-end flow control also in
transmit (stable-fixes).
- net: thunderbolt: Fix the parameter passing of
tb_xdomain_enable_paths()/tb_xdomain_disable_paths()
(stable-fixes).
- mmc: sdhci-msm: Ensure SD card power isn't ON when card removed
(stable-fixes).
- mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode()
(stable-fixes).
- mei: bus: Check for still connected devices in
mei_cl_bus_dev_release() (stable-fixes).
- platform/chrome: cros_ec_typec: Defer probe on missing EC parent
(stable-fixes).
- platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk
list (stable-fixes).
- commit 49985d1
- iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe()
(git-fixes).
- ipmi: Use dev_warn_ratelimited() for incorrect message warnings
(stable-fixes).
- ipmi: Fix strcpy source and destination the same (stable-fixes).
- i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes).
- i3c: don't fail if GETHDRCAP is unsupported (stable-fixes).
- i3c: master: Initialize ret in i3c_i2c_notifier_call()
(stable-fixes).
- hwmon: (emc2305) Set initial PWM minimum value during probe
based on thermal state (stable-fixes).
- media: dvb-frontends: dib7090p: fix null-ptr-deref in
dib7090p_rw_on_apb() (stable-fixes).
- media: dvb-frontends: w7090p: fix null-ptr-deref in
w7090p_tuner_write_serpar and w7090p_tuner_read_serpar
(stable-fixes).
- media: uvcvideo: Fix bandwidth issue for Alcor camera
(stable-fixes).
- leds: leds-lp50xx: Handle reg to get correct multi_index
(stable-fixes).
- iio: adc: ad_sigma_delta: don't overallocate scan buffer
(stable-fixes).
- iio: imu: inv_icm42600: use = { } instead of memset()
(stable-fixes).
- iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing
requirement (stable-fixes).
- gpio: wcd934x: check the return value of regmap_update_bits()
(stable-fixes).
- gpio: tps65912: check the return value of regmap_update_bits()
(stable-fixes).
- iio: imu: inv_icm42600: switch timestamp type from int64_t
__aligned(8) to aligned_s64 (stable-fixes).
- commit cf6f726
- drm/amd/display: Fix DP audio DTO1 clock source on DCE 6
(stable-fixes).
- drm/amd/display: Fill display clock and vblank time in
dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Find first CRTC and its line time in
dce110_fill_display_configs (stable-fixes).
- drm/amd/display: Avoid a NULL pointer dereference
(stable-fixes).
- drm/amdkfd: Destroy KFD debugfs after destroy KFD wq
(stable-fixes).
- drm/amd/display: Add primary plane to commits for correct VRR
handling (stable-fixes).
- drm/amdgpu: update mmhub 3.0.1 client id mappings
(stable-fixes).
- drm/amd: Restore cached power limit during resume
(stable-fixes).
- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit
(stable-fixes).
- fbdev: fix potential buffer overflow in
do_register_framebuffer() (stable-fixes).
- drm/amd/display: Only finalize atomic_obj if it was initialized
(stable-fixes).
- drm/amd/display: Avoid configuring PSR granularity if PSR-SU
not supported (stable-fixes).
- drm/amdgpu: Avoid extra evict-restore process (stable-fixes).
- crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes).
- crypto: jitter - fix intermediary handling (stable-fixes).
- crypto: qat - lower priority for skcipher and aead algorithms
(stable-fixes).
- crypto: octeontx2 - add timeout for load_fvc completion poll
(stable-fixes).
- drm/msm: use trylock for debugfs (stable-fixes).
- drm/amd/display: Separate set_gsl from set_gsl_source_select
(stable-fixes).
- drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes).
- drm/amd: Allow printing VanGogh OD SCLK levels without setting
dpm to manual (stable-fixes).
- drm/amd/display: Avoid trying AUX transactions on disconnected
ports (stable-fixes).
- drm/dp: Change AUX DPCD probe address from DPCD_REV to
LANE0_1_STATUS (stable-fixes).
- drm/ttm: Should to return the evict error (stable-fixes).
- drm/ttm: Respect the shrinker core free target (stable-fixes).
- et131x: Add missing check after DMA map (stable-fixes).
- comedi: fix race between polling and detaching (git-fixes).
- char: misc: Fix improper and inaccurate error code returned
by misc_init() (stable-fixes).
- commit adab316
- ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6
and EliteBook 830 G6 (stable-fixes).
- ALSA: hda/realtek: Fix headset mic on HONOR BRB-X
(stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300)
to quirks (stable-fixes).
- ASoC: Intel: avs: Fix uninitialized pointer error in probe()
(stable-fixes).
- Bluetooth: hci_sock: Reset cookie to zero in
hci_sock_free_cookie() (stable-fixes).
- ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level()
was successed (stable-fixes).
- ASoC: hdac_hdmi: Rate limit logging on connection and
disconnection (stable-fixes).
- ASoC: core: Check for rtd == NULL in
snd_soc_remove_pcm_runtime() (stable-fixes).
- ASoC: codecs: rt5640: Retry DEVICE_ID verification
(stable-fixes).
- commit c1f1889
- ALSA: hda: Handle the jack polling always via a work
(stable-fixes).
- ALSA: hda: Disable jack polling at shutdown (stable-fixes).
- ALSA: intel8x0: Fix incorrect codec index usage in mixer for
ICH4 (stable-fixes).
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control
(stable-fixes).
- ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop
(stable-fixes).
- ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros
(stable-fixes).
- ACPI: APEI: send SIGBUS to current task if synchronous memory
error not recovered (stable-fixes).
- ACPI: processor: fix acpi_object initialization (stable-fixes).
- commit d6d6e01
- xfrm: interface: fix use-after-free after changing collect_md
xfrm interface (CVE-2025-38500 bsc#1248088).
- rxrpc: Fix recv-recv race of completed call (CVE-2025-38524
bsc#1248194).
- atm: clip: Fix memory leak of struct clip_vcc (CVE-2025-38546
bsc#1248223).
- commit 57cffb2
- x86/sev: Evict cache lines during SNP memory validation
(CVE-2025-38560 bsc#1248312).
- commit 0d489ec
- hid: hide cleanup of hid_descriptor (CVE-2025-38103
bsc#1245663).
- commit 58f3abc
- HID: usbhid: Eliminate recurrent out-of-bounds bug in
usbhid_parse() (CVE-2025-38103 bsc#1245663).
- blacklist.conf: removed erroneous entry
- commit 5f4ef22
- rpm/config.sh: Update Leap project
- commit 20eb23b
- selftests/perf_events: Add a mmap() correctness test
(CVE-2025-38563 bsc#1248306 selftest).
- commit 919a844
- bpf: fix kfunc btf caching for modules (git-fixes).
- commit 5ae4aa5
- perf/core: Prevent VMA split of buffer mappings (CVE-2025-38563
bsc#1248306).
- commit d1daec3
- perf/core: Exit early on perf_mmap() fail (CVE-2025-38563
bsc#1248306 dependency).
- commit 4deadd8
- perf/core: Don't leak AUX buffer refcount on allocation failure
(CVE-2025-38563 bsc#1248306 dependency).
- commit d26658d
- bpf: use kvzmalloc to allocate BPF verifier environment
(git-fixes).
- commit fd28e75
- selftests/bpf: Verify that sync_linked_regs preserves subreg_def
(bsc#1234156 CVE-2024-53125).
- commit cee135e
- samples/bpf: Fix compilation errors with cf-protection option
(git-fixes).
- commit 388c9e8
- selftests/bpf: fexit_sleep: Fix stack allocation for arm64
(git-fixes).
- commit 2d627c6
- Update config files.
No functional change, this is only refresh to have configs in sync with
Kconfig.
- commit 1943697
- Refresh
patches.kabi/bpf-bpf_link-and-bpf_link_ops-kABI-workaround.patch.
- Refresh
patches.kabi/kabi-hide-new-member-fallback_lock-in-struct-mptcp_s.patch.
- Refresh
patches.kabi/kabi-restore-layout-of-struct-mem_control.patch.
- Refresh
patches.kabi/kabi-restore-layout-of-struct-page_counter.patch.
- Refresh
patches.kabi/kabi-s390-ism-fix-concurrency-management-in-ism_cmd.patch
- Refresh
patches.kabi/xsk-Fix-race-condition-in-AF_XDP-generic-RX-path.patch.
Manual adjustment of guards in KABI workaround patches -- we do not need
specific conditioning thanks to new macro that is engaged iff needed.
- commit f47a39f
- build_bug.h: Add KABI assert (bsc#1249186).
- commit 7ab6a56
- iio: common: st_sensors: Fix use of uninitialize device structs
(CVE-2025-38531 bsc#1248205).
- commit 2739cf9
- usb: xhci: Fix slot_id resource race conflict (git-fixes).
- commit 40d11e8
- usb: dwc3: fix fault at system suspend if device was already
runtime suspended (git-fixes).
- commit 03244f6
- usb: dwc3: core: Fix system suspend on TI AM62 platforms
(git-fixes).
- commit ae2a72e
- pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes).
- most: core: Drop device reference after usage in get_channel()
(git-fixes).
- usb: storage: realtek_cr: Use correct byte order for
bcs->Residue (git-fixes).
- usb: dwc3: Ignore late xferNotReady event to prevent halt
timeout (git-fixes).
- usb: core: hcd: fix accessing unmapped memory in
SINGLE_STEP_SET_FEATURE test (git-fixes).
- usb: renesas-xhci: Fix External ROM access timeouts (git-fixes).
- mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e()
for consistency (git-fixes).
- commit f954d9b
- iio: proximity: isl29501: fix buffered read on big-endian
systems (git-fixes).
- comedi: Make insn_rw_emulate_bits() do insn->n samples
(git-fixes).
- comedi: Fix use of uninitialized memory in do_insn_ioctl()
and do_insnlist_ioctl() (git-fixes).
- comedi: pcl726: Prevent invalid irq number (git-fixes).
- cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes).
- drm/hisilicon/hibmc: fix the hibmc loaded failed bug
(git-fixes).
- iosys-map: Fix undefined behavior in iosys_map_clear()
(git-fixes).
- drm/nouveau: fix typos in comments (git-fixes).
- drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor()
(git-fixes).
- drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3
(git-fixes).
- drm/amd/display: Adjust DCE 8-10 clock, don't overclock by 15%
(git-fixes).
- drm/amd/display: Don't overclock DCE 6 by 15% (git-fixes).
- drm/amd/display: Add null pointer check in
mod_hdcp_hdcp1_create_session() (git-fixes).
- memstick: Fix deadlock by moving removing flag earlier
(git-fixes).
- ALSA: usb-audio: Use correct sub-type for UAC3 feature unit
validation (git-fixes).
- ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm
boot again (git-fixes).
- ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14
(git-fixes).
- ALSA: usb-audio: Fix size validation in convert_chmap_v3()
(git-fixes).
- commit 0a99e72
- bpf: Reject narrower access to pointer ctx fields (bsc#1248363
CVE-2025-38591).
- commit 2a67c58
- md: make rdev_addable usable for rcu mode (git-fixes).
- scsi: sd: Make sd shutdown issue START STOP UNIT appropriately
(git-fixes).
- scsi: Revert "scsi: iscsi: Fix HW conn removal use after free"
(git-fixes).
- scsi: mpt3sas: Fix a fw_event memory leak (git-fixes).
- scsi: isci: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: core: Fix kernel doc for scsi_track_queue_full()
(git-fixes).
- scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes).
- scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems
(git-fixes).
- scsi: mpi3mr: Fix race between config read submit and interrupt
completion (git-fixes).
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes).
- sunvdc: Balance device refcount in vdc_port_mpgroup_check
(git-fixes).
- md: allow removing faulty rdev during resync (git-fixes).
- block: mtip32xx: Fix usage of dma_map_sg() (git-fixes).
- ublk: use vmalloc for ublk_device's __queues (git-fixes).
- loop: use kiocb helpers to fix lockdep warning (git-fixes).
- block: fix kobject leak in blk_unregister_queue (git-fixes).
- md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes).
- ublk: sanity check add_dev input for underflow (git-fixes).
- aoe: defer rexmit timer downdev work to workqueue (git-fixes).
- commit e0823df
- clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (CVE-2025-38499 bsc#1247976)
- commit a7416f7
- atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (CVE-2025-38458 bsc#1247116)
- commit 17419dc
- atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (CVE-2025-38245 bsc#1246193)
- commit c9503c1
- btrfs: fix adding block group to a reclaim list and the unused
list during reclaim (git-fixes).
- btrfs: retry block group reclaim without infinite loop
(git-fixes).
- commit 0a86fac
- btrfs: fix bitmap leak when loading free space cache on
duplicate entry (git-fixes).
- commit 72cd329
- btrfs: run delayed iputs when flushing delalloc (git-fixes).
- btrfs: update target inode's ctime on unlink (git-fixes).
- commit 8eb6c44
- btrfs: fix data race when accessing the inode's disk_i_size
at btrfs_drop_extents() (git-fixes).
- commit 04c28bf
- squashfs: fix memory leak in squashfs_fill_super (git-fixes).
- commit 7c9f4fd
- btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper
error handling (git-fixes).
- commit 0d7a95c
- btrfs: correctly escape subvol in btrfs_show_options()
(git-fixes).
- commit 8ae9b3b
- atm: Revert atm_account_tx() if copy_from_iter_full() fails (CVE-2025-38190 bsc#1245973)
- commit ee168d7
- atm: atmtcp: Free invalid length skb in atmtcp_c_send() (CVE-2025-38185 bsc#1246012)
- commit 3034c5a
- md/raid1: Fix stack memory use after return in raid1_reshape (CVE-2025-38445 bsc#1247229)
- commit c07b722
- bpf, ktls: Fix data corruption when using bpf_msg_pop_data()
in ktls (bsc#1248338 CVE-2025-38608).
- commit 70a5de5
- RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes)
- commit b03653b
- RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes)
- commit 99342e6
- RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes)
- commit d8fc453
- RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes)
- commit d6073c4
- RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes)
- commit 43a4c91
- RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes)
- commit 184f89d
- atm: clip: Fix infinite recursive call of clip_push() (CVE-2025-38459 bsc#1247119)
- commit cace503
- atm: clip: prevent NULL deref in clip_push() (CVE-2025-38251 bsc#1246181)
- commit 955d194
- bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (CVE-2025-38439 bsc#1247155)
- commit fad3d81
- ACPI: pfr_update: Fix the driver update version check
(git-fixes).
- net: usb: asix_devices: Fix PHY address mask in MDIO bus
initialization (git-fixes).
- Bluetooth: hci_conn: do return error from
hci_enhanced_setup_sync() (git-fixes).
- Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established
(git-fixes).
- commit 5ef3e7e
- raid10: cleanup memleak at raid10_make_request (CVE-2025-38444 bsc#1247162)
- commit 08daebe
- net: openvswitch: Fix the dead loop of MPLS parse
(CVE-2025-38146 bsc#1245767).
- commit 2d16fb7
- Update patches.kabi/kabi-hide-new-member-fallback_lock-in-struct-mptcp_s.patch.
Perform the build time check that struct mptcp_sock layout only when
CONFIG_SUSE_KERNEL_SUPPORTED is enabled. Some kernel-debug builds do not
have the hole we rely on in the kabi hack. (But those do not have to
preserve kABI so that we can simply disable the check.)
- commit 21df537
- kabi: hide new member fallback_lock in struct mptcp_sock
(CVE-2025-38491 bsc#1247280).
- mptcp: make fallback action and fallback decision atomic
(CVE-2025-38491 bsc#1247280).
- mptcp: safety check before fallback (CVE-2025-38491
bsc#1247280).
- mptcp: reset when MPTCP opts are dropped after join (git-fixes).
- mptcp: fallback when MPTCP opts are dropped after 1st data
(git-fixes).
- commit 7bb090d
- tipc: Fix use-after-free in tipc_conn_close() (CVE-2025-38464
bsc#1247112).
- commit 7a2a262
- x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483 CVE-2025-40300).
- commit 25dd084
- x86/bugs: Move cpu_bugs_smt_update() down (bsc#1247483 CVE-2025-40300).
- commit 4b9a38a
- x86/vmscape: Enable the mitigation (bsc#1247483 CVE-2025-40300).
- Update config files.
- commit 2ae4103
- bpf: Reject %p% format string in bprintf-like helpers
(bsc#1248198 CVE-2025-38528).
- commit b8830ae
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- commit b9c1ff5
- scsi: target: iscsi: Fix timeout on deleted connection (CVE-2025-38075 bsc#1244734)
- commit 9bfd228
- net: mctp: Don't access ifa_index when missing (CVE-2025-38006 bsc#1244930)
- commit d0d056e
- netfilter: nft_set_pipapo: clamp maximum map bucket size to
INT_MAX (CVE-2025-38201 bsc#1245977).
- commit 2f63881
- netfilter: flowtable: account for Ethernet header in
nf_flow_pppoe_proto() (CVE-2025-38441 bsc#1247167).
- commit 0a2f320
- netfilter: nf_conntrack: fix crash due to removal of
uninitialised entry (CVE-2025-38472 bsc#1247313).
- commit 1779cac
- x86/vmscape: Add conditional IBPB mitigation (bsc#1247483 CVE-2025-40300).
- commit 80ca68e
- x86/vmscape: Enumerate VMSCAPE bug (bsc#1247483 CVE-2025-40300).
- commit ed3190c
- Documentation/hw-vuln: Add VMSCAPE documentation (bsc#1247483 CVE-2025-40300).
- commit 9b7d62a
- powerpc/kernel: Fix ppc_save_regs inclusion in build
(bsc#1215199).
- powerpc: do not build ppc_save_regs.o always (bsc#1215199).
- commit 3402e7e
- powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199).
- powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199).
- PCI: pnv_php: Work around switches with broken presence
detection (bsc#1215199).
- PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199).
- arch/powerpc: Remove .interp section in vmlinux (bsc#1215199).
- powerpc/eeh: Rely on dev->link_active_reporting (bsc#1215199).
- commit 0bddfac
- ata: libata-scsi: Fix CDL control (git-fixes).
- commit c04f51b
- drm/amdgpu: fix incorrect vm flags to map bo (git-fixes).
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors
(git-fixes).
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too
(git-fixes).
- gpio: mlxbf3: use platform_get_irq_optional() (git-fixes).
- Revert "gpio: mlxbf3: only get IRQ for device instance 0"
(git-fixes).
- soc/tegra: pmc: Ensure power-domains are in a known state
(git-fixes).
- phy: mscc: Fix parsing of unicast frames (git-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx()
(git-fixes).
- selftests: rtnetlink.sh: remove esp4_offload after test
(git-fixes).
- Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer
TX10UB Nano (stable-fixes).
- kselftest/arm64: Fix check for setting new VLs in sve-ptrace
(git-fixes).
- selftests: Fix errno checking in syscall_user_dispatch test
(git-fixes).
- selftests/tracing: Fix false failure of subsystem event test
(git-fixes).
- USB: serial: option: add Foxconn T99W709 (stable-fixes).
- ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx
(stable-fixes).
- ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx
(stable-fixes).
- ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes).
- ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes).
- commit 19adc9d
- net: usb: asix_devices: add phy_mask for ax88772 mdio bus
(git-fixes).
- commit 206e9eb
- ACPI: processor: perflib: Move problematic pr->performance check
(git-fixes).
- commit 742e4e7
- btrfs: fix the length of reserved qgroup to free (bsc#1240708)
- commit e3e4e05
- btrfs: fix qgroup reserve leaks in cow_file_range (CVE-2024-46733 bsc#1230708)
- commit 20ff141
- Move pesign-obs-integration requirement from kernel-syms to kernel devel
subpackage (bsc#1248108).
- commit e707e41
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes)
- commit bf13671
- arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes)
- commit 246a69b
- arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes)
- commit 4fac981
- arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- commit 9beeb6d
- arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes)
- commit 173d0a1
- PCI: rockchip: Set Target Link Speed to 5.0 GT/s before
retraining (git-fixes).
- PCI: rockchip: Use standard PCIe definitions (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written
(git-fixes).
- PCI: imx6: Remove apps_reset toggling from
imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4
in epc_features (git-fixes).
- PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge
(git-fixes).
- PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports
(git-fixes).
- kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug
Capable ports (git-fixes).
- PCI: Support Immediate Readiness on devices without PM
capabilities (git-fixes).
- PCI: apple: Fix missing OF node reference in
apple_pcie_setup_port (git-fixes).
- PCI: Add ACS quirk for Loongson PCIe (git-fixes).
- commit e24dcd6
- arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes)
- commit 271991a
- arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes)
- commit b77d1e0
- arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes)
- commit 3cbe1cf
- arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes)
- commit 6d0adbc
- arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes)
- commit d8b8e5c
- arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes)
- commit 81dc70d
- arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes)
- commit a30082d
- arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes)
- commit d67b39d
- arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes)
- commit 3ecd022
- arm64: Restrict pagetable teardown to avoid false warning (git-fixes)
- commit c34ecbe
- arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes)
- commit b37cb41
- arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes)
- commit 32c56dd
- arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes)
- commit ee84ff9
- arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes)
- commit 7b505c9
- arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes)
- commit 2981841
- arm64: Add support for HIP09 Spectre-BHB mitigation (git-fixes)
- commit 4ad8521
- arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes)
- commit ba1bbf1
- arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes)
- commit 356d85f
- arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes)
- commit 1ad9e93
- arm64/cpufeatures/kvm: Add ARMv8.9 FEAT_ECBHB bits in ID_AA64MMFR1 (git-fixes)
- commit 54de7d8
- serial: 8250: fix panic due to PSLVERR (git-fixes).
- commit c91d52e
- drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078 CVE-2025-38360)
- commit 9101a0c
- net: libwx: remove duplicate page_pool_put_full_page()
(CVE-2025-38490 bsc#1247243).
- commit f305524
- libevent
-
- Disable the select backend, this can be easily done by lying
to configure. This is done due to:
* using fd number > 1024 on an fd_set results in a runtime
fortify source assertion, preventing further doom.
* select will not be changed to handle fd > 1024.
* this limit is unreasonable low for this century.
- Drop insserv_prereq and fillup_prereq macros: there are no
pre-scripts that would justify these dependencies.
- Update to 2.1.12 stable
* buffer: do not pass NULL to memcpy() from evbuffer_pullup()
* http: fix undefined-shift in EVUTIL_IS*_ helpers
* Check error code of evhttp_add_header_internal() in
evhttp_parse_query_impl()
* http: fix EVHTTP_CON_AUTOFREE in case of timeout
* evdns: Add additional validation for values of dns options
* Fix memory corruption in EV_CLOSURE_EVENT_FINALIZE with debug enabled
* increase segment refcnt only if evbuffer_add_file_segment() succeeds
* evdns: fix a crash when evdns_base with waiting requests is freed
* event_base_once: fix potential null pointer threat
* http: do not assume body for CONNECT
* evbuffer_add_file: fix freeing of segment in the error path
* Fix checking return value of the evdns_base_resolv_conf_parse()
* Support EV_CLOSED on linux for poll(2)
* Parse IPv6 scope IDs.
* evutil_time: detect and use _gmtime64_s()/_gmtime64()
* bufferevent: allow setting priority on socket and openssl type
* Fix EV_CLOSED detection/reporting
* Revert "Warn if forked from the event loop during event_reinit()"
- Add upstream patches with the feature of "prepare" and "check"
watchers. That feature is needed by envoy-proxy:
* 0001-evwatch-Add-prepare-and-check-watchers.patch
* 0002-evwatch-fix-race-condition.patch
- Update to 2.1.11 stable
* Fix ABI breakage that had been introduced in 2.1.10. Strictly speaking
this release breaks ABI again to make it compatible with <= 2.1.9.
+ See git commit 18104973 for more details
* evdns: add new options -- so-rcvbuf/so-sndbuf
* various autotools and cmake build changes
* buffer: fix possible NULL dereference in evbuffer_setcb() on ENOMEM
* Warn if forked from the event loop during event_reinit()
* evutil: set the have_checked_interfaces in evutil_check_interfaces()
* https-client: correction error checking
- Use FAT LTO objects in order to provide proper static library.
- Fix name of library package (bsc#1138369)
- Update to 2.1.10 stable
* evdns: add DNS_OPTION_NAMESERVERS_NO_DEFAULT /
EVDNS_BASE_NAMESERVERS_NO_DEFAULT
* Add support for EV_TIMEOUT to event_base_active_by_fd
* kqueue: Avoid undefined behaviour.
* Prevent integer overflow in kq_build_changes_list.
* evdns: fix lock/unlock mismatch in evdns_close_server_port()
* Protect min_heap_push_ against integer overflow.
* le-proxy: initiate use of the Winsock DLL
* Fix leaks in error path of the bufferevent_init_common_()
* buffer: make evbuffer_prepend() of zero-length array no-op
* Don't loose top error in SSL
* Remove needless check for arc4_seeded_ok
* Cleanup __func__ detection
* Add convenience macros for user-triggered events
* Notify event base if there are no more events, so it can exit without
delay
* Fix base unlocking in event_del() if event_base_set() runned in another
thread
* If precise_time is false, we should not set EVENT_BASE_FLAG_PRECISE_TIMER
* Fix race in access to ev_res from event loop with event_active()
* Return from event_del() after the last event callback termination
* Preserve socket error from listen across closesocket cleanup
* fix connection retries when there more then one request for connection
* improve error path for bufferevent_{setfd,enable,disable}()
* Fix conceivable UAF of the bufferevent in evhttp_connection_free()
* Fix evhttp_connection_get_addr() fox incomming http connections
* fix leaks in evhttp_uriencode()
* CONNECT method only takes an authority
* Allow bodies for GET/DELETE/OPTIONS/CONNECT
* Do not crash when evhttp_send_reply_start() is called after a timeout.
* Fix crashing http server when callback do not reply in place
* fix handling of close_notify (ssl) in http with openssl bufferevents
* use *_new_with_arg() to match function prototype
* avoid NULL dereference on request is not EVHTTP_REQ_POST
* bufferevent_socket_connect{,_hostname}() missing event callback and use
ret code
* don't fail be_null_filter if bytes are copied
* Call underlying bev ctrl GET_FD on filtered bufferevents
* be_openssl: avoid leaking of SSL structure
* Add missing includes into openssl-compat.h
* Explicitly call SSL_clear when reseting the fd.
* sample/https-client: use host SSL certificate store by default
* ipv6only socket bind support
* evdns: handle NULL filename explicitly
* Fix assert() condition in evbuffer_drain() for IOCP
* fix incorrect unlock of the buffer mutex (for deferred callbacks)
* Fix wrong assert in evbuffer_drain()
* Port `event_rpcgen.py` and `test/check-dumpevents.py` to Python 3.
- rename python2-shebang.patch -> python3-shebang.patch following port
- Make use of %license macro
- Add devel-static package, which is needed for building Envoy
(https://www.envoyproxy.io/) and Cilium with Envoy integration
- Fix an error about /usr/bin/env shebang in event_rpcgen.py
* python2-shebang.patch
- expat
-
- Fix CVE-2025-59375 / bsc#1249584.
- Add patch file:
* CVE-2025-59375.patch
- libzypp
-
- runposttrans: strip root prefix from tmppath (bsc#1250343)
- fixup! Make ld.so ignore the subarch packages during install
(bsc#1246912)
- version 17.37.18 (35)
- Make ld.so ignore the subarch packages during install
(bsc#1246912)
- version 17.37.17 (35)
- python-certifi
-
- Add python36-certifi provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-idna
-
- Add python36-idna provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-importlib-metadata
-
- Add python36-importlib-metadata provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-packaging
-
- Add python36-packaging provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-pyasn1
-
- Add python36-pyasn1 provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-pycparser
-
- Add python36-pycparser provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-pytz
-
- Add python36-pytz provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-py
-
- Add python36-py provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-requests
-
- Add python36- provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-six
-
- Add python36-six provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- samba
-
- CVE-2025-9640: fix vfs_streams_xattr uninitialized memory write;
(bsc#1251279);(bso#15885).
- CVE-2025-10230: fix command Injection in WINS Server Hook Script;
(bsc#1251280);(bso#15903).
- sudo
-
- Fix for SG#69994, bsc#1240954, bsc#1245743:
* bsc1240954.patch:
[PATCH] If user's tty goes away, tell monitor to revoke the tty
in its session.
- zypper
-
- Fixed `bash-completion`: `zypper refresh` now ignores
repository priority lines.
- Changes to support building against restructured libzypp in
stack build (bsc#1230267)
- version 1.14.94