- kernel-default
-
- Refresh
patches.suse/cifs-after-disabling-multichannel-mark-tcon-for-reconnect.patch.
- Refresh
patches.suse/cifs-avoid-redundant-calls-to-disable-multichannel.patch.
- Refresh
patches.suse/cifs-cifs_pick_channel-should-try-selecting-active-channels.patch.
- Refresh
patches.suse/cifs-deal-with-the-channel-loading-lag-while-picking-channels.patch.
- Refresh
patches.suse/cifs-dns-resolution-is-needed-only-for-primary-channel.patch.
- Refresh
patches.suse/cifs-do-not-search-for-channel-if-server-is-terminating.patch.
- Refresh
patches.suse/cifs-fix-a-pending-undercount-of-srv_count.patch.
- Refresh
patches.suse/cifs-fix-lock-ordering-while-disabling-multichannel.patch.
- Refresh
patches.suse/cifs-fix-stray-unlock-in-cifs_chan_skip_or_disable.patch.
- Refresh
patches.suse/cifs-fix-use-after-free-for-iface-while-disabling-secondary-channel.patch.
- Refresh
patches.suse/cifs-handle-when-server-stops-supporting-multichannel.patch.
- Refresh
patches.suse/cifs-reconnect-worker-should-take-reference-on-server-struct-uncond.patch.
- Refresh
patches.suse/cifs-reset-connections-for-all-channels-when-reconnect-requested.patch.
- Refresh
patches.suse/cifs-reset-iface-weights-when-we-cannot-find-a-candidate.patch.
- Refresh
patches.suse/smb-client-fix-cifs_pick_channel-when-channel-needs-reconnect.patch.
- Refresh
patches.suse/smb-client-introduce-close_cached_dir_locked-.patch.
- Refresh
patches.suse/smb3-add-missing-null-server-pointer-check.patch.
- commit 966613b
- cifs: fix use after free for iface while disabling secondary
channels (git-fixes).
- commit dfe1d44
- cifs: reconnect worker should take reference on server struct
unconditionally (git-fixes).
- Refresh
patches.suse/cifs-handle-servers-that-still-advertise-multichannel-after-disabli.patch.
- Refresh
patches.suse/smb-client-get-rid-of-nlsc-param-in-cifs_tree_connect-.patch.
- commit a6f7e74
- Refresh
patches.suse/cifs-make-sure-that-channel-scaling-is-done-only-once.patch.
- commit f14b40c
- cifs: avoid redundant calls to disable multichannel (git-fixes).
- smb3: add missing null server pointer check (git-fixes).
- Refresh
patches.suse/cifs-make-sure-server-interfaces-are-requested-only-for-SMB3-.patch.
- Refresh
patches.suse/cifs-serialize-other-channels-when-query-server-interfaces-is-pendi.patch.
- commit 6f71d7c
- cifs: fix stray unlock in cifs_chan_skip_or_disable (git-fixes).
- commit 9d297d5
- cifs: do not search for channel if server is terminating
(git-fixes).
- commit 1796cf0
- cifs: handle servers that still advertise multichannel after
disabling (git-fixes).
- cifs: serialize other channels when query server interfaces
is pending (git-fixes).
- Refresh
patches.suse/cifs-do-not-disable-interface-polling-on-failure.patch.
- Refresh
patches.suse/cifs-make-sure-server-interfaces-are-requested-only-for-SMB3-.patch.
- Refresh
patches.suse/cifs-make-sure-that-channel-scaling-is-done-only-once.patch.
- Refresh
patches.suse/smb-client-get-rid-of-nlsc-param-in-cifs_tree_connect-.patch.
- Refresh
patches.suse/smb3-fix-for-slab-out-of-bounds-on-mount-to-ksmbd.patch.
- commit e76704e
- smb: client: fix cifs_pick_channel when channel needs reconnect
(git-fixes).
- commit 59edbd9
- cifs: cifs_pick_channel should try selecting active channels
(git-fixes).
- commit 3f9ba92
- x86/microcode/AMD: Select which microcode patch to load
(bsc#1256528).
- Refresh
patches.suse/x86-microcode-AMD-Handle-the-case-of-no-BIOS-microcode.patch.
- commit dca6829
- x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix
Halo (bsc#1256528).
- x86/microcode/AMD: Add Zen5 model 0x44, stepping 0x1 minrev
(bsc#1256528).
- x86/microcode/AMD: Add more known models to entry sign checking
(bsc#1256528).
- x86/microcode/AMD: Limit Entrysign signature checking to known
generations (bsc#1256528).
- x86/microcode: Fix Entrysign revision check for Zen1/Naples
(bsc#1256528).
- x86/microcode/AMD: Add TSA microcode SHAs (bsc#1256528).
- x86/microcode/AMD: Use sha256() instead of init/update/final
(bsc#1256528).
- x86/microcode/AMD: Clean the cache if update did not load
microcode (bsc#1256528).
- x86/microcode/AMD: Extend the SHA check to Zen5, block
loading of any unreleased standalone Zen5 microcode patches
(bsc#1256528).
- x86/microcode/AMD: Fix __apply_microcode_amd()'s return value
(bsc#1256528).
- x86/microcode/AMD: Add some forgotten models to the SHA check
(bsc#1256528).
- x86/microcode/AMD: Load only SHA256-checksummed patches
(bsc#1256528).
- commit 4e60c5e
- fuse: fix livelock in synchronous file put from fuseblk workers (CVE-2025-40220 bsc#1254520).
- commit 46a797f
- tracing: Fix access to trace_event_file (bsc#1254373).
- commit 768b257
- supported.conf: mark ksmbd unsupported
Based on discussion with Enzo Matsumiya it has tuned out that ksmbd
module is unsupported but the supported.conf entry is incorrect. Fix
that.
- commit c800e3f
- powerpc/eeh: fix recursive pci_lock_rescan_remove locking in
EEH event handling (bsc#1253262 ltc#216029).
- commit daa4104
- Update
patches.suse/1260-drm-amdkfd-Add-missing-gfx11-MQD-manager-callbacks.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-54261
bsc#1255879).
- Update
patches.suse/ACPI-video-Fix-use-after-free-in-acpi_video_switch_b.patch
(git-fixes CVE-2025-40211 bsc#1254126).
- Update
patches.suse/ALSA-dice-fix-buffer-overflow-in-detect_stream_forma.patch
(git-fixes CVE-2025-68346 bsc#1255603).
- Update
patches.suse/ALSA-firewire-motu-add-bounds-check-in-put_user-loop.patch
(git-fixes CVE-2025-68753 bsc#1256238).
- Update
patches.suse/ALSA-firewire-motu-fix-buffer-overflow-in-hwdep-read.patch
(git-fixes CVE-2025-68347 bsc#1255706).
- Update
patches.suse/ALSA-hda-cs35l41-Fix-NULL-pointer-dereference-in-cs3-c34b04c.patch
(git-fixes CVE-2025-68345 bsc#1255601).
- Update
patches.suse/ALSA-pcm-Fix-potential-data-race-at-PCM-memory-.patch
(bsc#1012628 CVE-2023-54072 bsc#1256291).
- Update
patches.suse/ALSA-usb-audio-Fix-NULL-pointer-dereference-in-snd_u.patch
(git-fixes CVE-2025-40275 bsc#1254829).
- Update
patches.suse/ALSA-usb-audio-Fix-potential-memory-leaks-at-error-p.patch
(jsc#PED-6045 jsc#PED-6036 jsc#PED-6104 jsc#PED-6114
jsc#PED-6067 jsc#PED-6123 CVE-2023-54022 bsc#1255545).
- Update
patches.suse/ALSA-usb-audio-Fix-potential-overflow-of-PCM-transfe.patch
(stable-fixes CVE-2025-40269 bsc#1255035).
- Update
patches.suse/ASoC-codecs-wcd-mbhc-v2-fix-resource-leaks-on-c.patch
(bsc#1012628 CVE-2023-53842 bsc#1254690).
- Update
patches.suse/Bluetooth-6lowpan-reset-link-local-header-on-ipv6-re.patch
(git-fixes CVE-2025-40282 bsc#1254850).
- Update
patches.suse/Bluetooth-ISO-fix-iso_conn-related-locking-and-.patch
(bsc#1012628 CVE-2023-54164 bsc#1256071).
- Update
patches.suse/Bluetooth-MGMT-cancel-mesh-send-timer-when-hdev-remo.patch
(git-fixes CVE-2025-40284 bsc#1254860).
- Update patches.suse/Bluetooth-SCO-Fix-UAF-on-sco_conn_free.patch
(stable-fixes CVE-2025-40309 bsc#1255065).
- Update
patches.suse/Bluetooth-bcsp-receive-data-only-if-registered.patch
(stable-fixes CVE-2025-40308 bsc#1255064).
- Update
patches.suse/Bluetooth-btusb-reorder-cleanup-in-btusb_disconnect-.patch
(git-fixes CVE-2025-40283 bsc#1254858).
- Update
patches.suse/Bluetooth-hci_conn-return-ERR_PTR-instead-of-NU.patch
(bsc#1012628 CVE-2023-54038 bsc#1255540).
- Update
patches.suse/Bluetooth-hci_event-validate-skb-length-for-unknown-.patch
(git-fixes CVE-2025-40301 bsc#1255193).
- Update
patches.suse/Bluetooth-hci_sock-Prevent-race-in-socket-write-iter.patch
(git-fixes CVE-2025-68305 bsc#1255169).
- Update
patches.suse/Bluetooth-hci_sync-Avoid-use-after-free-in-dbg-.patch
(bsc#1012628 CVE-2023-54210 bsc#1255955).
- Update
patches.suse/Bluetooth-hci_sync-Avoid-use-after-free-in-dbg-for-h.patch
(git-fixes CVE-2023-53828 bsc#1254623).
- Update
patches.suse/Bluetooth-hci_sync-Fix-UAF-in-hci_disconnect_all_syn.patch
(git-fixes CVE-2023-53762 bsc#1254606).
- Update
patches.suse/Bluetooth-hci_sync-fix-race-in-hci_cmd_sync_dequeue_.patch
(git-fixes CVE-2025-40318 bsc#1254798).
- Update
patches.suse/FS-JFS-Check-for-read-only-mounted-filesystem-i.patch
(bsc#1012628 CVE-2023-53766 bsc#1255005).
- Update
patches.suse/HID-hidraw-fix-data-race-on-device-refcount.patch
(bsc#1012628 CVE-2023-53759 bsc#1254663).
- Update
patches.suse/HID-uclogic-Correct-devm-device-reference-for-hidinp.patch
(git-fixes CVE-2023-54207 bsc#1255961).
- Update
patches.suse/HID-wacom-Use-ktime_t-rather-than-int-when-deal.patch
(bsc#1012628 CVE-2023-53797 bsc#1254733).
- Update
patches.suse/Input-cros_ec_keyb-fix-an-invalid-memory-access.patch
(stable-fixes CVE-2025-40263 bsc#1255077).
- Update
patches.suse/Input-imx_sc_key-fix-memory-corruption-on-unload.patch
(git-fixes CVE-2025-40262 bsc#1254840).
- Update
patches.suse/Input-pegasus-notetaker-fix-potential-out-of-bounds-.patch
(git-fixes CVE-2025-68217 bsc#1255221).
- Update
patches.suse/KVM-SVM-Get-source-vCPUs-from-source-VM-for-SEV-ES-i.patch
(git-fixes CVE-2023-54296 bsc#1255793).
- Update
patches.suse/KVM-s390-pv-fix-index-value-of-replaced-ASCE.patch
(bsc#1012628 CVE-2023-54092 bsc#1256370).
- Update patches.suse/MIPS-KVM-Fix-NULL-pointer-dereference.patch
(bsc#1012628 CVE-2023-54241 bsc#1255838).
- Update patches.suse/NFSD-Fix-crash-in-nfsd4_read_release.patch
(git-fixes CVE-2025-40324 bsc#1254791).
- Update
patches.suse/NFSD-free-copynotify-stateid-in-nfs4_free_ol_stateid.patch
(git-fixes CVE-2025-40273 bsc#1254828).
- Update patches.suse/PCI-DOE-Fix-destroy_work_on_stack-race.patch
(git-fixes CVE-2023-54235 bsc#1255921).
- Update
patches.suse/PCI-Free-released-resource-after-coalescing.patch
(git-fixes CVE-2023-53743 bsc#1254782).
- Update
patches.suse/PCI-IOV-Add-PCI-rescan-remove-locking-when-enabling-.patch
(git-fixes CVE-2025-40219 bsc#1254518).
- Update
patches.suse/PCI-cadence-Check-for-the-existence-of-cdns_pcie-ops.patch
(stable-fixes CVE-2025-68176 bsc#1255329).
- Update
patches.suse/RDMA-bnxt_re-Prevent-handling-any-completions-a.patch
(bsc#1012628 CVE-2023-54048 bsc#1256395).
- Update
patches.suse/RDMA-efa-Fix-wrong-resources-deallocation-order.patch
(git-fixes CVE-2023-54201 bsc#1255964).
- Update
patches.suse/RDMA-irdma-Fix-data-race-on-CQP-completion-stat.patch
(bsc#1012628 CVE-2023-54302 bsc#1255792).
- Update
patches.suse/RDMA-irdma-Fix-data-race-on-CQP-request-done.patch
(bsc#1012628 CVE-2023-54292 bsc#1255800).
- Update
patches.suse/Revert-IB-isert-Fix-incorrect-release-of-isert-conne.patch
(git-fixes CVE-2023-54219 bsc#1256231).
- Update
patches.suse/accel-habanalabs-support-mapping-cb-with-vmalloc-bac.patch
(stable-fixes CVE-2025-40311 bsc#1255068).
- Update
patches.suse/accel-qaic-Clean-up-integer-overflow-checking-.patch
(bsc#1012628 CVE-2023-53778 bsc#1254761).
- Update
patches.suse/af_unix-Fix-data-race-around-unix_tot_inflight.patch
(git-fixes CVE-2023-54006 bsc#1255591).
- Update patches.suse/amba-bus-fix-refcount-leak.patch (git-fixes
CVE-2023-54230 bsc#1255925).
- Update
patches.suse/amd-amdkfd-resolve-a-race-in-amdgpu_amdkfd_device_fi.patch
(stable-fixes CVE-2025-40310 bsc#1255041).
- Update
patches.suse/amdgpu-validate-offset_in_bo-of-drm_amdgpu_gem_.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53819
bsc#1254712).
- Update patches.suse/arm64-mm-fix-VA-range-sanity-check.patch
(bsc#1012628 CVE-2023-53989 bsc#1256302).
- Update
patches.suse/arm64-set-__exception_irq_entry-with-__irq_entr.patch
(bsc#1012628 CVE-2023-54322 bsc#1255763).
- Update
patches.suse/atm-fore200e-Fix-possible-data-race-in-fore200e_open.patch
(git-fixes CVE-2025-68339 bsc#1255505).
- Update
patches.suse/audit-fix-possible-soft-lockup-in-__audit_inode_chil.patch
(git-fixes CVE-2023-54045 bsc#1256285).
- Update
patches.suse/autofs-fix-memory-leak-of-waitqueues-in-autofs_catat.patch
(git-fixes CVE-2023-54134 bsc#1256106).
- Update
patches.suse/backlight-led-bl-Add-devlink-to-supplier-LEDs.patch
(git-fixes CVE-2025-68758 bsc#1255944).
- Update
patches.suse/bcache-fixup-btree_cache_wait-list-damage.patch
(bsc#1012628 CVE-2023-54293 bsc#1255801).
- Update patches.suse/binder-fix-memory-leak-in-binder_init.patch
(bsc#1012628 CVE-2023-54005 bsc#1255629).
- Update
patches.suse/blk-cgroup-Fix-NULL-deref-caused-by-blkg_policy_data-being-installed-before-init.patch
(bsc#1216062 CVE-2023-54271 bsc#1255902).
- Update
patches.suse/blk-cgroup-hold-queue_lock-when-removing-blkg-.patch
(bsc#1012628 CVE-2023-54088 bsc#1256263).
- Update
patches.suse/blk-mq-fix-tags-leak-when-shrink-nr_hw_queues.patch
(bsc#1216436 CVE-2023-54227 bsc#1255952).
- Update
patches.suse/block-fix-blktrace-debugfs-entries-leakage.patch
(bsc#1012628 CVE-2023-54209 bsc#1255963).
- Update
patches.suse/block-rq_qos-protect-rq_qos-apis-with-a-new-loc.patch
(bsc#1012628 CVE-2023-53823 bsc#1254691).
- Update
patches.suse/bpf-Address-KCSAN-report-on-bpf_lru_list.patch
(bsc#1012628 CVE-2023-54283 bsc#1255809).
- Update
patches.suse/bpf-Disable-preemption-in-bpf_event_output.patch
(bsc#1012628 CVE-2023-54173 bsc#1255996).
- Update
patches.suse/bpf-Disable-preemption-in-bpf_perf_event_outpu.patch
(bsc#1012628 CVE-2023-54303 bsc#1255785).
- Update
patches.suse/bpf-Fix-issue-in-verifying-allow_ptr_leaks.patch
(jsc#PED-6811 CVE-2023-54181 bsc#1255988).
- Update
patches.suse/bpf-Silence-a-warning-in-btf_type_id_size.patch
(bsc#1012628 CVE-2023-54247 bsc#1255892).
- Update
patches.suse/bpf-bpf_sk_storage-Fix-invalid-wait-context-lockdep-.patch
(jsc#PED-6811 CVE-2023-53857 bsc#1254648).
- Update
patches.suse/bpf-drop-unnecessary-user-triggerable-WARN_ONCE.patch
(bsc#1012628 CVE-2023-54145 bsc#1256090).
- Update
patches.suse/bpf-sockmap-Fix-skb-refcnt-race-after-locking-change.patch
(jsc#PED-6811 CVE-2023-53836 bsc#1254693).
- Update
patches.suse/btrfs-fix-incorrect-splitting-in-btrfs_drop_ex.patch
(bsc#1012628 CVE-2023-54121 bsc#1256267).
- Update
patches.suse/btrfs-fix-lockdep-splat-and-potential-deadlock-after.patch
(git-fixes CVE-2023-54224 bsc#1255951).
- Update
patches.suse/btrfs-fix-race-between-balance-and-cancel-pause.patch
(bsc#1012628 CVE-2023-54023 bsc#1256301).
- Update
patches.suse/btrfs-fix-race-when-deleting-free-space-root-fr.patch
(bsc#1012628 CVE-2023-54067 bsc#1256369).
- Update
patches.suse/btrfs-fix-race-when-deleting-quota-root-from-th.patch
(bsc#1012628 CVE-2023-54032 bsc#1255617).
- Update
patches.suse/btrfs-fix-warning-when-putting-transaction-with.patch
(bsc#1012628 CVE-2023-53865 bsc#1254762).
- Update
patches.suse/btrfs-release-path-before-inode-lookup-during-the-in.patch
(git-fixes CVE-2023-54281 bsc#1255820).
- Update
patches.suse/btrfs-remove-BUG_ON-s-in-add_new_free_space.patch
(bsc#1012628 CVE-2023-54185 bsc#1255984).
- Update
patches.suse/btrfs-set-page-extent-mapped-after-read_folio-in-rel.patch
(git-fixes CVE-2023-54253 bsc#1255891).
- Update
patches.suse/btrfs-zoned-fix-memory-leak-after-finding-block.patch
(bsc#1012628 CVE-2023-54297 bsc#1255795).
- Update
patches.suse/btrfs-zoned-skip-splitting-and-logical-rewriting-on-.patch
(bsc#1223731 CVE-2024-26944 CVE-2023-54080 bsc#1256367).
- Update
patches.suse/can-gs_usb-gs_usb_xmit_callback-fix-handling-of-fail.patch
(git-fixes CVE-2025-68307 bsc#1255146).
- Update
patches.suse/can-kvaser_usb-leaf-Fix-potential-infinite-loop-in-c.patch
(git-fixes CVE-2025-68308 bsc#1255149).
- Update
patches.suse/cifs-fix-potential-oops-in-cifs_oplock_break.patch
(bsc#1012628 CVE-2023-54258 bsc#1255886).
- Update
patches.suse/cifs-fix-session-state-check-in-reconnect-to-a.patch
(bsc#1012628 CVE-2023-53794 bsc#1255163).
- Update
patches.suse/clk-clocking-wizard-Fix-Oops-in-clk_wzrd_regist.patch
(bsc#1012628 CVE-2023-53807 bsc#1254724).
- Update
patches.suse/clk-imx93-fix-memory-leak-and-missing-unwind-go.patch
(bsc#1012628 CVE-2023-54221 bsc#1255842).
- Update
patches.suse/comedi-c6xdigio-Fix-invalid-PNP-driver-unregistratio.patch
(git-fixes CVE-2025-68332 bsc#1255483).
- Update
patches.suse/comedi-check-device-s-attached-status-in-compat-ioct.patch
(git-fixes CVE-2025-68257 bsc#1255167).
- Update
patches.suse/comedi-multiq3-sanitize-config-options-in-multiq3_at.patch
(git-fixes CVE-2025-68258 bsc#1255182).
- Update
patches.suse/comedi-pcl818-fix-null-ptr-deref-in-pcl818_ai_cancel.patch
(git-fixes CVE-2025-68335 bsc#1255480).
- Update
patches.suse/crypto-api-Use-work-queue-in-crypto_destroy_instance.patch
(git-fixes CVE-2023-53799 bsc#1254732).
- Update
patches.suse/crypto-aspeed-fix-double-free-caused-by-devm.patch
(git-fixes CVE-2025-68172 bsc#1255253).
- Update
patches.suse/crypto-asymmetric_keys-prevent-overflow-in-asymmetri.patch
(git-fixes CVE-2025-68724 bsc#1255550).
- Update
patches.suse/dccp-Fix-out-of-bounds-access-in-DCCP-error-handler.patch
(bsc#1220419 CVE-2023-53782 bsc#1254758).
- Update
patches.suse/dccp-fix-data-race-around-dp-dccps_mss_cache.patch
(bsc#1012628 CVE-2023-53839 bsc#1254655).
- Update
patches.suse/devlink-report-devlink_port_type_warn-source-de.patch
(bsc#1012628 CVE-2023-53841 bsc#1255009).
- Update
patches.suse/dm-don-t-attempt-to-queue-IO-under-RCU-protection-a9ce.patch
(jsc#PED-7514 CVE-2023-53860 bsc#1254626).
- Update
patches.suse/dm-fix-a-race-condition-in-retrieve_deps-f600.patch
(jsc#PED-7514 CVE-2023-54324 bsc#1255759).
- Update
patches.suse/driver-soc-xilinx-use-_safe-loop-iterator-to-av.patch
(bsc#1012628 CVE-2023-54101 bsc#1256153).
- Update
patches.suse/drm-amd-display-Check-NULL-before-accessing.patch
(stable-fixes CVE-2025-68286 bsc#1255351).
- Update
patches.suse/drm-amd-display-Fix-NULL-deref-in-debugfs-odm_combin.patch
(git-fixes CVE-2025-68180 bsc#1255252).
- Update
patches.suse/drm-amdgpu-Fix-NULL-pointer-dereference-in-VRAM-logi.patch
(stable-fixes CVE-2025-40288 bsc#1255057).
- Update
patches.suse/drm-bridge-dw_hdmi-fix-connector-access-for-scd.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53784
bsc#1254765).
- Update
patches.suse/drm-client-Fix-memory-leak-in-drm_client_target.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-54091
bsc#1256274).
- Update
patches.suse/drm-i915-Avoid-lock-inversion-when-pinning-to-GGTT-o.patch
(git-fixes CVE-2025-68244 bsc#1255190).
- Update
patches.suse/drm-mediatek-Fix-device-use-after-free-on-unbind.patch
(git-fixes CVE-2025-40316 bsc#1254797).
- Update
patches.suse/drm-msm-dp-Drop-aux-devices-together-with-DP-co.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53851
bsc#1254695).
- Update
patches.suse/drm-mxsfb-Disable-overlay-plane-in-mxsfb_plane_overl.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53864
bsc#1254754).
- Update
patches.suse/drm-nouveau-kms-nv50-init-hpd_irq_lock-for-PIOR.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-54263
bsc#1255883).
- Update
patches.suse/drm-sched-Fix-deadlock-in-drm_sched_entity_kill_jobs.patch
(git-fixes CVE-2025-40329 bsc#1254621).
- Update patches.suse/drm-tegra-Add-call-to-put_pid.patch
(git-fixes CVE-2025-68233 bsc#1255206).
- Update
patches.suse/drm-ttm-Don-t-leak-a-resource-on-eviction-error.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-54254
bsc#1255890).
- Update
patches.suse/drm-ttm-Don-t-leak-a-resource-on-swapout-move-e.patch
(jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070
jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511
jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53844
bsc#1254649).
- Update
patches.suse/drm-vgem-fence-Fix-potential-deadlock-on-release.patch
(git-fixes CVE-2025-68757 bsc#1255943).
- Update
patches.suse/drm-vmwgfx-Validate-command-header-size-against-SVGA.patch
(git-fixes CVE-2025-40277 bsc#1254894).
- Update
patches.suse/erofs-kill-hooked-chains-to-avoid-loops-on-dedu.patch
(bsc#1012628 CVE-2023-53777 bsc#1254749).
- Update
patches.suse/exfat-use-kvmalloc_array-kvfree-instead-of-kma.patch
(bsc#1012628 CVE-2023-54194 bsc#1255974).
- Update
patches.suse/ext4-correct-grp-validation-in-ext4_mb_good_group.patch
(bsc#1234163 CVE-2023-53861 bsc#1254678).
- Update
patches.suse/ext4-fix-BUG-in-ext4_mb_new_inode_pa-due-to-overflow.patch
(bsc#1219165 CVE-2023-54069 bsc#1256371).
- Update
patches.suse/ext4-fix-rbtree-traversal-bug-in-ext4_mb_use_pr.patch
(bsc#1012628 CVE-2023-53813 bsc#1254717).
- Update
patches.suse/ext4-turn-quotas-off-if-mount-failed-after-enab.patch
(bsc#1012628 CVE-2023-54153 bsc#1256081).
- Update
patches.suse/f2fs-fix-to-do-sanity-check-on-direct-node-in-.patch
(bsc#1012628 CVE-2023-53846 bsc#1254983).
- Update
patches.suse/fbcon-Set-fb_display-i-mode-to-NULL-when-the-mode-is.patch
(stable-fixes CVE-2025-40323 bsc#1255094).
- Update
patches.suse/fbdev-Add-bounds-checking-in-bit_putcs-to-fix-vmallo.patch
(stable-fixes CVE-2025-40304 bsc#1255034).
- Update
patches.suse/fbdev-bitblit-bound-check-glyph-index-in-bit_putcs.patch
(stable-fixes CVE-2025-40322 bsc#1255092).
- Update
patches.suse/firmware-meson_sm-fix-to-avoid-potential-NULL-pointe.patch
(git-fixes CVE-2023-54304 bsc#1255786).
- Update
patches.suse/firmware-stratix10-svc-fix-bug-in-saving-controller-.patch
(git-fixes CVE-2025-68328 bsc#1255489).
- Update
patches.suse/fs-Protect-reconfiguration-of-sb-read-write-fr.patch
(bsc#1012628 CVE-2023-54099 bsc#1256197).
- Update
patches.suse/fs-jfs-prevent-double-free-in-dbUnmount-after-failed-jfs_remount.patch
(git-fixes CVE-2023-54127 bsc#1256119).
- Update
patches.suse/fs-ntfs3-Return-error-for-inconsistent-extende.patch
(bsc#1012628 CVE-2023-54125 bsc#1256117).
- Update
patches.suse/fs-sysv-Null-check-to-prevent-null-ptr-deref-b.patch
(bsc#1012628 CVE-2023-54264 bsc#1255872).
- Update
patches.suse/gpu-host1x-Fix-race-in-syncpt-alloc-free.patch
(git-fixes CVE-2025-68732 bsc#1255688).
- Update
patches.suse/gtp-Fix-use-after-free-in-__gtp_encap_destroy.patch
(bsc#1012628 CVE-2023-54142 bsc#1256095).
- Update
patches.suse/hfs-validate-record-offset-in-hfsplus_bmap_alloc.patch
(git-fixes CVE-2025-40349 bsc#1255280).
- Update
patches.suse/hfsplus-fix-KMSAN-uninit-value-issue-in-__hfsplus_ext_cache_extent.patch
(git-fixes CVE-2025-40244 bsc#1255033).
- Update
patches.suse/hfsplus-fix-KMSAN-uninit-value-issue-in-hfsplus_delete_cat.patch
(git-fixes CVE-2025-40351 bsc#1255281).
- Update
patches.suse/hwrng-virtio-Fix-race-on-data_avail-and-actual-.patch
(bsc#1012628 CVE-2023-53998 bsc#1255578).
- Update
patches.suse/iavf-use-internal-state-to-free-traffic-IRQs.patch
(bsc#1012628 CVE-2023-53850 bsc#1254677).
- Update
patches.suse/ice-prevent-NULL-pointer-deref-during-reload.patch
(bsc#1012628 CVE-2023-54037 bsc#1255557).
- Update
patches.suse/igb-clean-up-in-all-error-paths-when-enabling-SR-IOV.patch
(jsc#PED-4866 CVE-2023-54070 bsc#1256364).
- Update
patches.suse/igc-Fix-Kernel-Panic-during-ndo_tx_timeout-call.patch
(bsc#1012628 CVE-2023-54166 bsc#1256074).
- Update
patches.suse/iio-accel-bmc150-Fix-irq-assumption-regression.patch
(stable-fixes CVE-2025-68330 bsc#1255493).
- Update
patches.suse/iio-adc-ina2xx-avoid-NULL-pointer-dereference-.patch
(bsc#1012628 CVE-2023-53834 bsc#1254660).
- Update
patches.suse/iio-core-Prevent-invalid-memory-access-when-th.patch
(bsc#1012628 CVE-2023-54027 bsc#1255579).
- Update
patches.suse/ima-Handle-error-code-returned-by-ima_filter_rule_ma.patch
(git-fixes CVE-2025-68740 bsc#1255812).
- Update
patches.suse/ima-don-t-clear-IMA_DIGSIG-flag-when-setting-or-remo.patch
(stable-fixes CVE-2025-68183 bsc#1255251).
- Update
patches.suse/io_uring-net-don-t-overflow-multishot-recv.patch
(bsc#1215211 CVE-2023-54030 bsc#1255691).
- Update
patches.suse/iomap-Fix-possible-overflow-condition-in-iomap_write_delalloc_scan.patch
(jsc#PED-5453 CVE-2023-54285 bsc#1255807).
- Update
patches.suse/iommufd-IOMMUFD_DESTROY-should-not-increase-the.patch
(bsc#1012628 CVE-2023-53795 bsc#1254737).
- Update
patches.suse/iommufd-Set-end-correctly-when-doing-batch-carr.patch
(bsc#1012628 CVE-2023-54060 bsc#1256379).
- Update
patches.suse/ionic-remove-WARN_ON-to-prevent-panic_on_warn.patch
(bsc#1012628 CVE-2023-53994 bsc#1255570).
- Update
patches.suse/ip6_vti-fix-slab-use-after-free-in-decode_sess.patch
(bsc#1012628 CVE-2023-53821 bsc#1254669).
- Update
patches.suse/ipmi-ssif-Fix-a-memory-leak-when-scanning-for-an-ada.patch
(git-fixes CVE-2023-54064 bsc#1256375).
- Update
patches.suse/irqchip-mchp-eic-Fix-error-code-in-mchp_eic_domain_a.patch
(git-fixes CVE-2025-68766 bsc#1255932).
- Update
patches.suse/isdn-mISDN-hfcsusb-fix-memory-leak-in-hfcsusb_probe.patch
(git-fixes CVE-2025-68734 bsc#1255538).
- Update
patches.suse/jfs-Verify-inode-mode-when-loading-from-disk.patch
(git-fixes CVE-2025-40312 bsc#1255046).
- Update
patches.suse/jfs-fix-uninitialized-waitqueue-in-transaction-manager.patch
(git-fixes CVE-2025-68168 bsc#1255100).
- Update
patches.suse/kcm-Fix-error-handling-for-SOCK_DGRAM-in-kcm_sendmsg.patch
(bsc#1220419 CVE-2023-53825 bsc#1254707).
- Update
patches.suse/kcm-Fix-memory-leak-in-error-path-of-kcm_sendmsg.patch
(bsc#1220419 CVE-2023-54112 bsc#1256354).
- Update
patches.suse/keys-Fix-linking-a-duplicate-key-to-a-keyring-s.patch
(bsc#1012628 CVE-2023-54170 bsc#1256045).
- Update
patches.suse/maple_tree-fix-potential-out-of-bounds-access-i.patch
(bsc#1012628 CVE-2023-54135 bsc#1256107).
- Update
patches.suse/md-fix-warning-for-holder-mismatch-from-export_rdev.patch
(git-fixes CVE-2023-53791 bsc#1254742).
- Update
patches.suse/md-raid5-cache-fix-a-deadlock-in-r5l_exit_log-a705.patch
(jsc#PED-7542 CVE-2023-53848 bsc#1254753).
- Update
patches.suse/media-af9005-Fix-null-ptr-deref-in-af9005_i2c_xfer.patch
(git-fixes CVE-2023-54314 bsc#1255776).
- Update
patches.suse/media-anysee-fix-null-ptr-deref-in-anysee_master_xfe.patch
(git-fixes CVE-2023-54093 bsc#1256273).
- Update
patches.suse/media-dvb-usb-m920x-Fix-a-potential-memory-leak-in-m.patch
(git-fixes CVE-2023-54266 bsc#1255875).
- Update
patches.suse/media-dvb-usb-v2-gl861-Fix-null-ptr-deref-in-gl861_i.patch
(git-fixes CVE-2023-54066 bsc#1256373).
- Update
patches.suse/media-imon-make-send_packet-more-robust.patch
(stable-fixes CVE-2025-68194 bsc#1255325).
- Update
patches.suse/media-mediatek-vcodec-fix-resource-leaks-in-vdec_msg.patch
(git-fixes CVE-2023-54143 bsc#1256096).
- Update
patches.suse/media-tuners-qt1010-replace-BUG_ON-with-a-regular-er.patch
(git-fixes CVE-2023-54282 bsc#1255810).
- Update
patches.suse/media-v4l2-core-Fix-a-potential-resource-leak-in-v4l.patch
(git-fixes CVE-2023-54183 bsc#1255990).
- Update
patches.suse/misc-fastrpc-Fix-dma_buf-object-leak-in-fastrpc_map_.patch
(git-fixes CVE-2025-68252 bsc#1255197).
- Update
patches.suse/misc-pci_endpoint_test-Free-IRQs-before-removin.patch
(bsc#1012628 CVE-2023-54326 bsc#1255758).
- Update
patches.suse/mm-secretmem-fix-use-after-free-race-in-fault-handle.patch
(git-fixes CVE-2025-40272 bsc#1254832).
- Update
patches.suse/mmc-sunplus-fix-return-value-check-of-mmc_add_.patch
(bsc#1012628 CVE-2023-54204 bsc#1255967).
- Update
patches.suse/most-usb-Fix-use-after-free-in-hdm_disconnect.patch
(git-fixes CVE-2025-40223 bsc#1254957).
- Update
patches.suse/most-usb-fix-double-free-on-late-probe-failure.patch
(git-fixes CVE-2025-68290 bsc#1255154).
- Update
patches.suse/most-usb-hdm_probe-Fix-calling-put_device-before-dev.patch
(git-fixes CVE-2025-68249 bsc#1255233).
- Update
patches.suse/mt76-mt7615-Fix-memory-leak-in-mt7615_mcu_wtbl_sta_a.patch
(git-fixes CVE-2025-68765 bsc#1255931).
- Update
patches.suse/mt76-mt7921-don-t-assume-adequate-headroom-for-SDIO-.patch
(git-fixes CVE-2023-53785 bsc#1254918).
- Update
patches.suse/mtd-rawnand-cadence-fix-DMA-device-NULL-pointer-dere.patch
(git-fixes CVE-2025-68238 bsc#1255202).
- Update
patches.suse/mtd-rawnand-fsl_upm-Fix-an-off-by-one-test-in-.patch
(bsc#1012628 CVE-2023-54104 bsc#1256145).
- Update
patches.suse/mtdchar-fix-integer-overflow-in-read-write-ioctls.patch
(git-fixes CVE-2025-68237 bsc#1255203).
- Update
patches.suse/net-core-remove-unnecessary-frame_sz-check-in-.patch
(bsc#1012628 CVE-2023-54155 bsc#1256083).
- Update
patches.suse/net-deal-with-integer-overflows-in-kmalloc_reserve.patch
(bsc#1215146 CVE-2023-42752 CVE-2023-53752 bsc#1254613).
- Update
patches.suse/net-do-not-allow-gso_size-to-be-set-to-GSO_BY_.patch
(bsc#1012628 CVE-2023-54051 bsc#1256394).
- Update
patches.suse/net-dsa-avoid-suspicious-RCU-usage-for-synced-V.patch
(bsc#1012628 CVE-2023-54149 bsc#1256085).
- Update
patches.suse/net-dsa-ocelot-call-dsa_tag_8021q_unregister-u.patch
(bsc#1012628 CVE-2023-53855 bsc#1254688).
- Update
patches.suse/net-ethernet-mtk_eth_soc-fix-possible-NULL-pointer-d.patch
(git-fixes CVE-2023-54240 bsc#1255918).
- Update
patches.suse/net-hns3-fix-deadlock-issue-when-externel_lb-a.patch
(bsc#1012628 CVE-2023-54000 bsc#1255564).
- Update
patches.suse/net-ipa-only-reset-hashed-tables-when-supported.patch
(bsc#1012628 CVE-2023-54225 bsc#1256234).
- Update
patches.suse/net-ipv4-fix-one-memleak-in-__inet_del_ifa.patch
(bsc#1220419 CVE-2023-53995 bsc#1255616).
- Update
patches.suse/net-mlx5-fix-potential-memory-leak-in-mlx5e_in.patch
(bsc#1012628 CVE-2023-54106 bsc#1256358).
- Update
patches.suse/net-mlx5e-Move-representor-neigh-cleanup-to-pr.patch
(bsc#1012628 CVE-2023-54148 bsc#1256084).
- Update
patches.suse/net-mlx5e-TC-Fix-internal-port-memory-leak.patch
(bsc#1012628 CVE-2023-53999 bsc#1255621).
- Update
patches.suse/net-mlx5e-fix-memory-leak-in-mlx5e_ptp_open.patch
(bsc#1012628 CVE-2023-54169 bsc#1256050).
- Update
patches.suse/net-mlx5e-xsk-Fix-invalid-buffer-access-for-le.patch
(bsc#1012628 CVE-2023-54223 bsc#1256233).
- Update
patches.suse/net-openvswitch-reject-negative-ifindex.patch
(bsc#1012628 CVE-2023-53843 bsc#1254705).
- Update
patches.suse/net-prevent-skb-corruption-on-frag-list-segment.patch
(bsc#1012628 CVE-2023-54094 bsc#1256292).
- Update
patches.suse/net-read-sk-sk_family-once-in-sk_mc_loop.patch
(bsc#1220419 CVE-2023-53831 bsc#1254701).
- Update
patches.suse/net-sched-taprio-Limit-TCA_TAPRIO_ATTR_SCHED_C.patch
(bsc#1012628 CVE-2023-54251 bsc#1255888).
- Update
patches.suse/net-smc-use-smc_lgr_list.lock-to-protect-smc_lgr_lis.patch
(git-fixes CVE-2023-54318 bsc#1255772).
- Update
patches.suse/net-usb-qmi_wwan-initialize-MAC-header-offset-in-qmi.patch
(git-fixes CVE-2025-68192 bsc#1255246).
- Update
patches.suse/netfilter-nf_tables-fix-underflow-in-chain-refe.patch
(bsc#1012628 CVE-2023-54035 bsc#1255563).
- Update
patches.suse/netlink-do-not-hard-code-device-address-lenth-i.patch
(bsc#1012628 CVE-2023-53863 bsc#1254657).
- Update
patches.suse/nfp-clean-mc-addresses-in-application-firmware-.patch
(bsc#1012628 CVE-2023-54133 bsc#1256104).
- Update
patches.suse/nfs4_setup_readdir-insufficient-locking-for-d_parent-d_inode-dereferencing.patch
(git-fixes CVE-2025-68185 bsc#1255135).
- Update
patches.suse/nfsd-move-init-of-percpu-reply_cache_stats-coun.patch
(bsc#1012628 CVE-2023-54276 bsc#1255907).
- Update
patches.suse/nilfs2-fix-WARNING-in-mark_buffer_dirty-due-to.patch
(bsc#1012628 CVE-2023-54140 bsc#1256093).
- Update
patches.suse/nouveau-firmware-Add-missing-kfree-of-nvkm_falcon_fw.patch
(git-fixes CVE-2025-68235 bsc#1255209).
- Update
patches.suse/nvme-core-fix-memory-leak-in-dhchap_ctrl_secret.patch
(bsc#1012628 CVE-2023-53792 bsc#1254743).
- Update
patches.suse/nvme-core-fix-memory-leak-in-dhchap_secret_stor.patch
(bsc#1012628 CVE-2023-53852 bsc#1254653).
- Update
patches.suse/nvme-fc-use-lock-accessing-port_state-and-rport-stat.patch
(bsc#1245193 bsc#1247500 CVE-2025-40342 bsc#1255274).
- Update
patches.suse/nvme-multipath-fix-lockdep-WARN-due-to-partition-sca.patch
(git-fixes bsc#1233640 CVE-2024-53093 CVE-2025-68218
bsc#1255245).
- Update
patches.suse/nvmet-fc-avoid-scheduling-association-deletion-twice.patch
(bsc#1245193 bsc#1247500 CVE-2025-40343 bsc#1255276).
- Update
patches.suse/of-overlay-Call-of_changeset_init-early.patch
(git-fixes CVE-2023-53856 bsc#1254661).
- Update
patches.suse/of-unittest-fix-null-pointer-dereferencing-in-of_uni.patch
(git-fixes CVE-2023-54178 bsc#1255992).
- Update
patches.suse/opp-Fix-use-after-free-in-lazy_opp_tables-after.patch
(bsc#1012628 CVE-2023-54026 bsc#1255549).
- Update
patches.suse/orangefs-fix-xattr-related-buffer-overflow.patch
(git-fixes CVE-2025-40306 bsc#1255062).
- Update
patches.suse/ovl-fix-null-pointer-dereference-in-ovl_get_acl.patch
(bsc#1012628 CVE-2023-54313 bsc#1255775).
- Update
patches.suse/pcmcia-rsrc_nonstatic-Fix-memory-leak-in-nonst.patch
(bsc#1012628 CVE-2023-54115 bsc#1256121).
- Update patches.suse/perf-tool-x86-Fix-perf_env-memory-leak.patch
(bsc#1012628 CVE-2023-53793 bsc#1254739).
- Update
patches.suse/phy-tegra-xusb-Clear-the-driver-reference-in-us.patch
(bsc#1012628 CVE-2023-54083 bsc#1256368).
- Update
patches.suse/pinctrl-at91-pio4-check-return-value-of-devm_ka.patch
(bsc#1012628 CVE-2023-54319 bsc#1255760).
- Update
patches.suse/pinctrl-freescale-Fix-a-memory-out-of-bounds-wh.patch
(bsc#1012628 CVE-2023-53750 bsc#1254611).
- Update
patches.suse/pinctrl-s32cc-fix-uninitialized-memory-in-s32_pinctr.patch
(git-fixes CVE-2025-68222 bsc#1255218).
- Update
patches.suse/platform-x86-intel-punit_ipc-fix-memory-corruption.patch
(git-fixes CVE-2025-68303 bsc#1255122).
- Update
patches.suse/posix-timers-Prevent-RT-livelock-in-itimer_dele.patch
(bsc#1012628 CVE-2023-53815 bsc#1254715).
- Update patches.suse/powerpc-64s-Fix-VAS-mm-use-after-free.patch
(bsc#1012628 CVE-2023-54042 bsc#1255702).
- Update
patches.suse/powerpc-iommu-Fix-notifiers-being-shared-by-PCI-and-.patch
(bsc#1065729 CVE-2023-54095 bsc#1256271).
- Update
patches.suse/powerpc-powernv-sriov-perform-null-check-on-iov.patch
(bsc#1012628 CVE-2023-54315 bsc#1255769).
- Update
patches.suse/powerpc-pseries-Rework-lppaca_shared_proc-to-avoid-D.patch
(bsc#1194869 CVE-2023-54267 bsc#1255899).
- Update
patches.suse/powerpc-pseries-fix-possible-memory-leak-in-ibmebus_.patch
(bsc#1194869 CVE-2023-54017 bsc#1255605).
- Update patches.suse/pstore-ram-Add-check-for-kstrdup.patch
(bsc#1012628 CVE-2023-54189 bsc#1255978).
- Update patches.suse/quota-fix-warning-in-dqgrab.patch
(bsc#1012628 CVE-2023-54177 bsc#1255993).
- Update patches.suse/rcu-dump-vmalloc-memory-info-safely.patch
(git-fixes CVE-2023-54113 bsc#1256351).
- Update
patches.suse/rcuscale-Move-rcu_scale_writer-schedule_timeout_unin.patch
(git-fixes CVE-2023-54246 bsc#1255915).
- Update
patches.suse/refscale-Fix-uninitalized-use-of-wait_queue_head_t.patch
(git-fixes CVE-2023-54316 bsc#1255770).
- Update
patches.suse/regmap-irq-Fix-out-of-bounds-access-when-alloca.patch
(bsc#1012628 CVE-2023-53768 bsc#1254599).
- Update
patches.suse/regmap-slimbus-fix-bus_context-pointer-in-regmap-ini.patch
(git-fixes CVE-2025-40317 bsc#1254796).
- Update
patches.suse/regulator-core-Protect-regulator_supply_alias_list-w.patch
(git-fixes CVE-2025-68354 bsc#1255553).
- Update
patches.suse/regulator-da9063-fix-null-pointer-deref-with-pa.patch
(bsc#1012628 CVE-2023-53787 bsc#1254750).
- Update patches.suse/rpmsg-glink-Add-check-for-kstrdup.patch
(git-fixes CVE-2023-54049 bsc#1256396).
- Update
patches.suse/s390-dcssblk-fix-kernel-crash-with-list_add-corruption.patch
(git-fixes bsc#1215344 CVE-2023-54117 bsc#1256348).
- Update
patches.suse/s390-vmem-split-pages-when-debug-pagealloc-is-.patch
(bsc#1012628 CVE-2023-54278 bsc#1255911).
- Update
patches.suse/samples-bpf-Fix-buffer-overflow-in-tcp_basertt.patch
(bsc#1012628 CVE-2023-54312 bsc#1255774).
- Update
patches.suse/sched-psi-use-kernfs-polling-functions-for-PSI-.patch
(bsc#1012628 CVE-2023-54019 bsc#1255636).
- Update
patches.suse/scsi-qedf-Fix-NULL-dereference-in-error-handlin.patch
(bsc#1012628 CVE-2023-54289 bsc#1255806).
- Update
patches.suse/scsi-qla2xxx-Array-index-may-go-out-of-bound.patch
(bsc#1012628 CVE-2023-54179 bsc#1255994).
- Update
patches.suse/scsi-qla2xxx-Check-valid-rport-returned-by-fc_b.patch
(bsc#1012628 CVE-2023-54014 bsc#1256300).
- Update
patches.suse/scsi-target-core-Fix-target_cmd_counter-leak.patch
(bsc#1214847 CVE-2023-54154 bsc#1256082).
- Update
patches.suse/serial-8250-Fix-oops-for-port-pm-on-uart_chang.patch
(bsc#1012628 CVE-2023-54220 bsc#1255949).
- Update patches.suse/serial-sprd-Fix-DMA-buffer-leak-issue.patch
(git-fixes CVE-2023-54136 bsc#1256099).
- Update
patches.suse/sfc-fix-crash-when-reading-stats-while-NIC-is-r.patch
(bsc#1012628 CVE-2023-54156 bsc#1255704).
- Update
patches.suse/sh-dma-Fix-DMA-channel-offset-calculation.patch
(bsc#1012628 CVE-2023-54255 bsc#1255884).
- Update patches.suse/smb-client-fix-missed-ses-refcounting.patch
(bsc#1012628 CVE-2023-54076 bsc#1256335).
- Update
patches.suse/smb-client-fix-potential-cfid-UAF-in-smb2_query_info_compound.patch
(bsc#1248886 CVE-2025-40320 bsc#1254793).
- Update patches.suse/soundwire-fix-enumeration-completion.patch
(bsc#1012628 CVE-2023-54096 bsc#1256178).
- Update patches.suse/spi-tegra210-quad-Fix-timeout-handling.patch
(bsc#1253155 CVE-2025-68746 bsc#1255722).
- Update
patches.suse/staging-r8712-Fix-memory-leak-in-_r8712_init_xm.patch
(bsc#1012628 CVE-2023-54001 bsc#1255628).
- Update
patches.suse/thermal-of-fix-double-free-on-unregistration.patch
(bsc#1012628 CVE-2023-53997 bsc#1255632).
- Update
patches.suse/tpm-tpm_vtpm_proxy-fix-a-race-condition-in-dev-.patch
(bsc#1012628 CVE-2023-54309 bsc#1255780).
- Update
patches.suse/tracing-Fix-memory-leak-of-iter-temp-when-readi.patch
(bsc#1012628 CVE-2023-54171 bsc#1256034).
- Update
patches.suse/tracing-Fix-warning-in-trace_buffered_event_dis.patch
(bsc#1012628 CVE-2023-54211 bsc#1255843).
- Update
patches.suse/tty-serial-samsung_tty-Fix-a-memory-leak-in-s3c.patch
(bsc#1012628 CVE-2023-53858 bsc#1254704).
- Update
patches.suse/usb-cdns3-gadget-Use-after-free-during-failed-initia.patch
(stable-fixes CVE-2025-40314 bsc#1255072).
- Update
patches.suse/usb-dwc3-Fix-race-condition-between-concurrent-dwc3_.patch
(git-fixes CVE-2025-68287 bsc#1255152).
- Update
patches.suse/usb-gadget-f_eem-Fix-memory-leak-in-eem_unwrap.patch
(git-fixes CVE-2025-68289 bsc#1255155).
- Update
patches.suse/usb-gadget-f_fs-Fix-epfile-null-pointer-access-after.patch
(stable-fixes CVE-2025-40315 bsc#1255083).
- Update
patches.suse/usb-potential-integer-overflow-in-usbg_make_tpg.patch
(stable-fixes CVE-2025-68750 bsc#1255814).
- Update
patches.suse/usb-storage-alauda-Fix-uninit-value-in-alauda_.patch
(bsc#1012628 CVE-2023-53847 bsc#1254698).
- Update
patches.suse/usb-storage-sddr55-Reject-out-of-bound-new_pba.patch
(stable-fixes CVE-2025-40345 bsc#1255279).
- Update
patches.suse/usb-typec-bus-verify-partner-exists-in-typec_altmode.patch
(git-fixes CVE-2023-54299 bsc#1255789).
- Update
patches.suse/usb-uas-fix-urb-unmapping-issue-when-the-uas-device-.patch
(git-fixes CVE-2025-68331 bsc#1255495).
- Update patches.suse/usbnet-Prevents-free-active-kevent.patch
(git-fixes CVE-2025-68312 bsc#1255171).
- Update
patches.suse/vdpa-Add-queue-index-attr-to-vdpa_nl_policy-fo.patch
(bsc#1012628 CVE-2023-54031 bsc#1255583).
- Update patches.suse/vduse-fix-NULL-pointer-dereference.patch
(bsc#1012628 CVE-2023-54291 bsc#1255798).
- Update
patches.suse/vfio-type1-fix-cap_migration-information-leak
(jsc#PED-7779 jsc#PED-7780 CVE-2023-54137 bsc#1256100).
- Update
patches.suse/virtio-vdpa-Fix-cpumask-memory-leak-in-virtio_.patch
(bsc#1012628 CVE-2023-54215 bsc#1255957).
- Update
patches.suse/virtio_pmem-add-the-missing-REQ_OP_WRITE-for-flush-b.patch
(git-fixes CVE-2023-54089 bsc#1256268).
- Update
patches.suse/virtio_vdpa-build-affinity-masks-conditionally.patch
(git-fixes CVE-2023-54008 bsc#1255630).
- Update
patches.suse/wifi-ath11k-Add-missing-hw_ops-get_ring_selecto.patch
(bsc#1012628 CVE-2023-54141 bsc#1256094).
- Update patches.suse/wifi-ath11k-fix-peer-HE-MCS-assignment.patch
(git-fixes CVE-2025-68380 bsc#1255580).
- Update
patches.suse/wifi-ath11k-fix-registration-of-6Ghz-only-phy-w.patch
(bsc#1012628 CVE-2023-54229 bsc#1255924).
- Update
patches.suse/wifi-ath12k-Fix-memory-leak-in-rx_desc-and-tx_desc.patch
(git-fixes CVE-2023-54016 bsc#1256279).
- Update
patches.suse/wifi-ath9k-avoid-referencing-uninit-memory-in-a.patch
(bsc#1012628 CVE-2023-54300 bsc#1255790).
- Update
patches.suse/wifi-brcmfmac-fix-crash-while-sending-Action-Frames-.patch
(git-fixes CVE-2025-40321 bsc#1254795).
- Update
patches.suse/wifi-cfg80211-ocb-don-t-leave-if-not-joined.patch
(git-fixes CVE-2023-53992 bsc#1256058).
- Update
patches.suse/wifi-mt76-mt7921-fix-skb-leak-by-txs-missing-i.patch
(bsc#1012628 CVE-2023-54052 bsc#1256387).
- Update
patches.suse/wifi-mwifiex-fix-memory-leak-in-mwifiex_histogram_re.patch
(git-fixes CVE-2023-53808 bsc#1254723).
- Update
patches.suse/wifi-rsi-Do-not-configure-WoWlan-in-shutdown-ho.patch
(bsc#1012628 CVE-2023-54025 bsc#1255558).
- Update
patches.suse/wifi-rtl818x-Fix-potential-memory-leaks-in-rtl8180_i.patch
(git-fixes CVE-2025-68759 bsc#1255934).
- Update
patches.suse/wifi-rtl818x-rtl8187-Fix-potential-buffer-underflow-.patch
(git-fixes CVE-2025-68362 bsc#1255611).
- Update patches.suse/x86-CPU-AMD-Add-RDSEED-fix-for-Zen5.patch
(git-fixes CVE-2025-68313 bsc#1255415).
- Update
patches.suse/x86-CPU-AMD-Add-missing-terminator-for-zen5_rdseed_microco.patch
(git-fixes CVE-2025-68195 bsc#1255259).
- Update
patches.suse/x86-hyperv-Disable-IBT-when-hypercall-page-lac.patch
(bsc#1012628 CVE-2023-54172 bsc#1256033).
- Update
patches.suse/x86-sev-Make-enc_dec_hypercall-accept-a-size-instead-of-npages
(bsc#1214635 CVE-2023-53996 bsc#1255618).
- Update patches.suse/xen-speed-up-grant-table-reclaim.patch
(bsc#1012628 CVE-2023-54081 bsc#1256361).
- Update
patches.suse/xfrm-also-call-xfrm_state_delete_tunnel-at-destroy-time-fo.patch
(CVE-2025-40215 bsc#1254959 CVE-2025-40256 bsc#1254851).
- commit c2db288
- KVM: SVM: Don't skip unrelated instruction if INT3/INTO is
replaced (CVE-2025-68259 bsc#1255199).
- commit bca135e
- smb: client: introduce close_cached_dir_locked() (git-fixes).
- commit f4f985c
- smb: client: fix potential UAF in smb2_close_cached_fid()
(CVE-2025-40328 bsc#1254624).
- commit e0eb1d9
- cifs: after disabling multichannel, mark tcon for reconnect
(git-fixes).
- Refresh
patches.suse/cifs-cifs_chan_is_iface_active-should-be-called-with-chan_lock-held.patch.
- Refresh
patches.suse/cifs-handle-cases-where-multiple-sessions-share-connection.patch.
- Refresh
patches.suse/smb-client-fix-UAF-in-smb2_reconnect_server-.patch.
- commit 5105d2e
- cifs: fix a pending undercount of srv_count (git-fixes).
- Refresh
patches.suse/cifs-make-sure-that-channel-scaling-is-done-only-once.patch.
- commit f2eddbf
- cifs: fix lock ordering while disabling multichannel
(git-fixes).
- commit 897a8e5
- cifs: make sure server interfaces are requested only for SMB3+
(git-fixes).
- Refresh
patches.suse/smb-client-get-rid-of-nlsc-param-in-cifs_tree_connect-.patch.
- commit 850b9c8
- Refresh
patches.suse/cifs-do-not-disable-interface-polling-on-failure.patch.
- Refresh
patches.suse/cifs-make-sure-server-interfaces-are-requested-only-for-SMB3-.patch.
- commit 4e4929f
- cifs: reset iface weights when we cannot find a candidate
(git-fixes).
- commit a4fc567
- cifs: make cifs_chan_update_iface() a void function (git-fixes).
- Refresh
patches.suse/cifs-reduce-warning-log-level-for-server-not-advertising-interfaces.patch.
- commit d2b9424
- smb: client: fix warning when reconnecting channel (git-fixes).
- commit 87ea733
- cifs: do not disable interface polling on failure (git-fixes).
- commit 40cfdea
- cifs: deal with the channel loading lag while picking channels
(git-fixes).
- commit 979af19
- cifs: handle when server stops supporting multichannel
(git-fixes).
- Refresh
patches.suse/cifs-cifs_chan_is_iface_active-should-be-called-with-chan_lock-held.patch.
- Refresh
patches.suse/cifs-handle-cases-where-multiple-sessions-share-connection.patch.
- Refresh
patches.suse/smb-client-fix-UAF-in-smb2_reconnect_server-.patch.
- Refresh
patches.suse/smb-client-get-rid-of-nlsc-param-in-cifs_tree_connect-.patch.
- commit c8dfa59
- cifs: make sure that channel scaling is done only once
(git-fixes).
- commit 3175d69
- cifs: handle when server starts supporting multichannel
(git-fixes).
- commit cc5563a
- cifs: dns resolution is needed only for primary channel
(git-fixes).
- commit b750bd0
- cifs: update dstaddr whenever channel iface is updated
(git-fixes).
- commit 87415ee
- cifs: reset connections for all channels when reconnect
requested (git-fixes).
- commit 506f274
- mptcp: fix race condition in mptcp_schedule_work()
(CVE-2025-40258 bsc#1254843).
- commit 664f157
- bs-upload-kernel: Fix cve branch uploads
- commit 2716d28
- scripts: teaapi: Add paging
- commit dfea5bd
- scrits: teaapi: Add list_repos
- commit 83fa609
- scripts: bs-upload-kernel: do not create the IGNORE-KABI-BADNESS file
There is a tar-up option that creates it. bs-upload-kernel should only
set the ignore_kabi_badness macro in prjconf.
- commit 1bc75ca
- tracing: Fix race condition in kprobe initialization causing
NULL pointer dereference (CVE-2025-40042 bsc#1252861).
- commit ee6a745
- README.BRANCH: SLE15-SP6 became LTSS, update maintainers
- commit f86184e
- cpuidle: menu: Use residency threshold in polling state override
decisions (bsc#1255026).
- commit 2c42ea1
- gfs2: Fix unlikely race in gdlm_put_lock (CVE-2025-40242
bsc#1255075).
- commit c371711
- sctp: Prevent TOCTOU out-of-bounds write (CVE-2025-40331
bsc#1254615).
- commit a261090
- net: bridge: fix use-after-free due to MST port state bypass
(CVE-2025-40297 bsc#1255187).
- commit 551613c
- ocfs2: clear extent cache after moving/defragmenting extents
(CVE-2025-40233 bsc#1254813).
- commit 2e6aaae
- net: use dst_dev_rcu() in sk_setup_caps() (CVE-2025-40170
bsc#1253413).
- commit 7607c99
- ipv6: use RCU in ip6_output() (CVE-2025-40158 bsc#1253402).
- ipv6: use RCU in ip6_xmit() (CVE-2025-40135 bsc#1253342).
- ipv6: use RCU in ip6_output() (CVE-2025-40158 bsc#1253402).
- ipv6: use RCU in ip6_xmit() (CVE-2025-40135 bsc#1253342).
- commit c7716e0
- tipc: Fix use-after-free in tipc_mon_reinit_self()
(CVE-2025-40280 bsc#1254847).
- commit 293c735
- xfrm: also call xfrm_state_delete_tunnel at destroy time for
states that were never added (CVE-2025-40215 bsc#1254959).
- commit ae22a6c
- xfrm: delete x->tunnel as we delete x (CVE-2025-40215
bsc#1254959).
- commit 13f0f1f
- kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959
CVE-2025-40215).
- commit 63a872c
- Move upstreamed ath12k patch into sorted section
- commit fa80682
- Move upstreamed SCSI patches into sorted section
- commit 8ea340d
- futex: Prevent use-after-free during requeue-PI (CVE-2025-39977
bsc#1252046).
- commit 3062182
- usb: raw-gadget: cap raw_io transfer length to KMALLOC_MAX_SIZE
(git-fixes).
- commit 808d009
- usb: typec: ucsi: psy: Set max current to zero when disconnected
(git-fixes).
- commit de6f0cd
- USB: serial: option: add Telit FN920C04 ECM compositions
(stable-fixes).
- USB: serial: option: add Quectel RG255C (stable-fixes).
- USB: serial: option: add UNISOC UIS7720 (stable-fixes).
- usb: dwc3: Abort suspend on soft disconnect failure (git-fixes).
- usb: chipidea: udc: limit usb request length to max 16KB
(stable-fixes).
- commit 15d4d36
- usb: raw-gadget: do not limit transfer length (git-fixes).
- usb: vhci-hcd: Prevent suspending virtually attached devices
(git-fixes).
- usb: typec: tipd: Clear interrupts first (git-fixes).
- usb: udc: Add trace event for usb_gadget_set_state
(stable-fixes).
- usb: gadget: configfs: Correctly set use_os_string at bind
(git-fixes).
- commit c4f787c
- Correct USB typec tcpm patches
In upstream backports, changes were applied to wrong places (sink
instead of source). In the stable upstream, it was corrected in a
commit d967f6ae3149, but we fold the corrections in each patch,
instead.
Refreshed:
patches.suse/usb-typec-tcpm-fix-use-after-free-case-in-tcpm_regis.patch
patches.suse/usb-typec-tcpm-unregister-existing-source-caps-befor.patch
- commit 55aaa8f
- x86/hyperv: Fix APIC ID and VP index confusion in hv_snp_boot_ap() (git-fixes).
- commit 4dc2ee9
- irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc()
(git-fixes).
- drm/mgag200: Fix big-endian support (git-fixes).
- drm/ttm: Avoid NULL pointer deref for evicted BOs (git-fixes).
- drm: nouveau: Replace sprintf() with sysfs_emit() (git-fixes).
- rtc: gamecube: Check the return value of ioremap() (git-fixes).
- commit 4a0695a
- ASoC: codecs: wcd938x: fix OF node leaks on probe failure
(git-fixes).
- ASoC: ak5558: Disable regulator when error happens (git-fixes).
- ASoC: ak4458: Disable regulator when error happens (git-fixes).
- ALSA: firewire-motu: add bounds check in put_user loop for
DSP events (git-fixes).
- ALSA: uapi: Fix typo in asound.h comment (git-fixes).
- ALSA: firewire-motu: fix buffer overflow in hwdep read for
DSP events (git-fixes).
- ALSA: hda: cs35l41: Fix NULL pointer dereference in
cs35l41_hda_read_acpi() (git-fixes).
- commit 203c44f
- ext4: detect invalid INLINE_DATA + EXTENTS flag combination
(bsc#1253458 CVE-2025-40167).
- commit 18e6218
- ext4: align max orphan file size with e2fsprogs limit
(bsc#1253442 CVE-2025-40179).
- commit 7ae82ce
- ext4: free orphan info with kvfree (bsc#1253442 CVE-2025-40179).
- commit a10c019
- ext4: verify orphan file size is not too big (bsc#1253442
CVE-2025-40179).
- commit 6c1724d
- Revert "ipmi: fix msg stack when IPMI is disconnected" (bsc#1253622 CVE-2025-40192)
- commit 33bdbac
- kABI workaround for HCI_LE_ADV_0 addition (git-fixes).
- commit 90a4a45
- Bluetooth: HCI: Fix tracking of advertisement set/instance 0x00
(git-fixes).
- commit 02e48bb
- cpufreq: intel_pstate: Check IDA only before MSR_IA32_PERF_CTL
writes (git-fixes).
- commit 8914d15
- i2c: amd-mp2: fix reference leak in MP2 PCI device (git-fixes).
- i2c: i2c.h: fix a bad kernel-doc line (git-fixes).
- platform/x86: asus-wmi: use brightness_set_blocking() for kbd
led (git-fixes).
- commit 9bd979e
- smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256,
CVE-2025-38728).
- commit 8caf30e
- spi: tegra210-quad: Check hardware status on timeout (bsc#1253155)
- commit d031559
- spi: tegra210-quad: Refactor error handling into helper functions (bsc#1253155)
- commit 82f1192
- spi: tegra210-quad: Fix timeout handling (bsc#1253155)
- commit bd1de03
- spi: tegra210-qspi: Remove cache operations (git-fixes)
- commit a5fab01
- spi: tegra210-quad: Add support for internal DMA (git-fixes)
- commit 8c1e0cc
- spi: tegra210-quad: Update dummy sequence configuration (git-fixes)
- commit 8db7584
- Delete patches.suse/spi-tegra210-quad-Fix-timeout-handling.patch.
It will reinserted as part of bsc#1253155 update request.
- commit aed40ae
- smb: Log an error when close_all_cached_dirs fails (bsc#1246328,
CVE-2025-38321).
- commit a8a838a
- arm64: zynqmp: Revert usb node drive strength and slew rate for (git-fixes)
- commit 056601e
- arm64: zynqmp: Fix usb node drive strength and slew rate (git-fixes)
- commit 10b4884
- wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event
(CVE-2025-39890 bsc#1250334).
- commit 51d9ba6
- dm-verity: fix unreliable memory allocation (git-fixes).
- commit 811cec6
- ipmi: Fix handling of messages with provided receive message
pointer (git-fixes).
- commit 2e987f2
- ipmi: Rework user message limit handling (git-fixes).
- commit 4cbb961
- mm/hugetlb: fix folio is still mapped when deleted
(CVE-2025-40006 bsc#1252342).
- commit e2e7e3b
- hwmon: (w83791d) Convert macros to functions to avoid TOCTOU
(git-fixes).
- pinctrl: stm32: fix hwspinlock resource leak in probe function
(git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix an error handling path in
rcar_gen3_phy_usb2_probe() (git-fixes).
- phy: broadcom: bcm63xx-usbh: fix section mismatches (git-fixes).
- commit 2f1faf6
- mm: hugetlb: avoid soft lockup when mprotect to large memory
area (CVE-2025-40153 bsc#1253408).
- commit 03b4aee
- powerpc/64s/slb: Fix SLB multihit issue during SLB preload
(bac#1236022 ltc#211187).
- commit 1a4723e
- i3c: master: svc: Prevent incomplete IBI transaction
(git-fixes).
- clk: qcom: camcc-sm6350: Fix PLL config of PLL2 (git-fixes).
- clk: qcom: camcc-sm6350: Specify Titan GDSC power domain as
a parent to other (git-fixes).
- clk: renesas: r9a06g032: Fix memory leak in error path
(git-fixes).
- clk: renesas: cpg-mssr: Add missing 1ms delay into reset toggle
callback (git-fixes).
- commit 4cf8a99
- staging: fbtft: core: fix potential memory leak in
fbtft_probe_common() (git-fixes).
- usb: gadget: tegra-xudc: Always reinitialize data toggle when
clear halt (git-fixes).
- USB: serial: kobil_sct: fix TIOCMBIS and TIOCMBIC (git-fixes).
- USB: serial: belkin_sa: fix TIOCMBIS and TIOCMBIC (git-fixes).
- usb: phy: Initialize struct usb_phy list_head (git-fixes).
- usb: dwc2: fix hang during suspend if set as peripheral
(git-fixes).
- usb: chaoskey: fix locking for O_NONBLOCK (git-fixes).
- USB: Fix descriptor count when handling invalid MBIM extended
descriptor (git-fixes).
- intel_th: Fix error handling in intel_th_output_open
(git-fixes).
- comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel()
(git-fixes).
- comedi: multiq3: sanitize config options in multiq3_attach()
(git-fixes).
- comedi: check device's attached status in compat ioctls
(git-fixes).
- comedi: c6xdigio: Fix invalid PNP driver unregistration
(git-fixes).
- firmware: stratix10-svc: fix make htmldocs warning for
stratix10_svc (git-fixes).
- iio: core: Clean up device correctly on iio_device_alloc()
failure (git-fixes).
- iio: core: add missing mutex_destroy in iio_dev_release()
(git-fixes).
- iio: imu: st_lsm6dsx: Fix measurement unit for odr struct member
(git-fixes).
- firmware: stratix10-svc: Add mutex in stratix10 memory
management (git-fixes).
- uio: uio_fsl_elbc_gpcm:: Add null pointer check to
uio_fsl_elbc_gpcm_probe (git-fixes).
- fbdev: ssd1307fb: fix potential page leak in ssd1307fb_probe()
(git-fixes).
- fbdev: pxafb: Fix multiple clamped values in pxafb_adjust_timing
(git-fixes).
- fbdev: tcx.c fix mem_map to correct smem_start offset
(git-fixes).
- watchdog: wdat_wdt: Fix ACPI table leak in probe function
(git-fixes).
- rpmsg: glink: fix rpmsg device leak (git-fixes).
- iio: accel: bmc150: Fix irq assumption regression
(stable-fixes).
- usb: storage: sddr55: Reject out-of-bound new_pba
(stable-fixes).
- USB: serial: option: add support for Rolling RW101R-GL
(stable-fixes).
- USB: serial: ftdi_sio: add support for u-blox EVK-M101
(stable-fixes).
- usb: dwc3: pci: Sort out the Intel device IDs (stable-fixes).
- usb: dwc3: pci: add support for the Intel Nova Lake -S
(stable-fixes).
- thunderbolt: Add support for Intel Wildcat Lake (stable-fixes).
- drm/amd/display: Check NULL before accessing (stable-fixes).
- ALSA: usb-audio: Add DSD quirk for LEAK Stereo 230
(stable-fixes).
- commit a6f8c1f
- soc: amlogic: canvas: fix device leak on lookup (git-fixes).
- soc: qcom: smem: fix hwspinlock resource leak in probe error
paths (git-fixes).
- soc: qcom: ocmem: fix device leak on lookup (git-fixes).
- firmware: imx: scu-irq: fix OF node leak in (git-fixes).
- soc/tegra: fuse: speedo-tegra210: Update speedo IDs (git-fixes).
- commit 67bcab6
- PCI: rcar-gen2: Drop ARM dependency from PCI_RCAR_GEN2
(git-fixes).
- PCI: keystone: Exit ks_pcie_probe() for invalid mode
(git-fixes).
- PCI: dwc: Fix wrong PORT_LOGIC_LTSSM_STATE_MASK definition
(git-fixes).
- PCI/PM: Reinstate clearing state_saved in legacy and !PM
codepaths (git-fixes).
- power: supply: apm_power: only unset own apm_get_power_status
(git-fixes).
- power: supply: wm831x: Check wm831x_set_bits() return value
(git-fixes).
- power: supply: rt9467: Prevent using uninitialized local
variable in rt9467_set_value_from_ranges() (git-fixes).
- power: supply: rt9467: Return error on failure in
rt9467_set_value_from_ranges() (git-fixes).
- power: supply: cw2015: Check devm_delayed_work_autocancel()
return code (git-fixes).
- mfd: mt6358-irq: Fix missing irq_domain_remove() in error path
(git-fixes).
- mfd: mt6397-irq: Fix missing irq_domain_remove() in error path
(git-fixes).
- mfd: max77620: Fix potential IRQ chip conflict when probing
two devices (git-fixes).
- platform/x86: intel: chtwc_int33fe: don't dereference swnode
args (git-fixes).
- spi: bcm63xx: drop wrong casts in probe() (git-fixes).
- spi: tegra210-quad: Fix timeout handling (git-fixes).
- regulator: core: Protect regulator_supply_alias_list with
regulator_list_mutex (git-fixes).
- regulator: core: disable supply if enabling main regulator fails
(git-fixes).
- mtd: rawnand: renesas: Handle devm_pm_runtime_enable() errors
(git-fixes).
- mtd: rawnand: lpc32xx_slc: fix GPIO descriptor leak on probe
error and remove (git-fixes).
- mtd: nand: relax ECC parameter validation check (git-fixes).
- Revert "mtd: rawnand: marvell: fix layouts" (git-fixes).
- mtd: lpddr_cmds: fix signed shifts in lpddr_cmds (git-fixes).
- mtd: maps: pcmciamtd: fix potential memory leak in
pcmciamtd_detach() (git-fixes).
- pwm: bcm2835: Make sure the channel is enabled after
pwm_request() (git-fixes).
- platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver
(git-fixes).
- commit 6ae74c9
- mfd: da9055: Fix missing regmap_del_irq_chip() in error path
(git-fixes).
- mfd: altera-sysmgr: Fix device leak on sysmgr regmap lookup
(git-fixes).
- media: rc: st_rc: Fix reset control resource leak (git-fixes).
- media: videobuf2: Fix device reference leak in vb2_dc_alloc
error path (git-fixes).
- media: vpif_display: fix section mismatch (git-fixes).
- media: vpif_capture: fix section mismatch (git-fixes).
- media: samsung: exynos4-is: fix potential ABBA deadlock on init
(git-fixes).
- media: renesas: rcar_drif: fix device node reference leak in
rcar_drif_bond_enabled (git-fixes).
- media: amphion: Cancel message work before releasing the VPU
core (git-fixes).
- media: verisilicon: Protect G2 HEVC decoder against invalid
DPB index (git-fixes).
- media: v4l2-mem2mem: Fix outdated documentation (git-fixes).
- media: cec: Fix debugfs leak on bus_register() failure
(git-fixes).
- media: vidtv: initialize local pointers upon transfer of memory
ownership (git-fixes).
- media: pvrusb2: Fix incorrect variable used in trace message
(git-fixes).
- media: msp3400: Avoid possible out-of-bounds array accesses
in msp3400c_thread() (git-fixes).
- media: adv7842: Avoid possible out-of-bounds array accesses
in adv7842_cp_log_status() (git-fixes).
- media: i2c: ADV7604: Remove redundant cancel_delayed_work in
probe (git-fixes).
- media: i2c: adv7842: Remove redundant cancel_delayed_work in
probe (git-fixes).
- media: TDA1997x: Remove redundant cancel_delayed_work in probe
(git-fixes).
- media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()
(git-fixes).
- commit 0f91c8f
- Documentation: hid-alps: Fix packet format section headings
(git-fixes).
- HID: logitech-hidpp: Do not assume FAP in
hidpp_send_message_sync() (git-fixes).
- HID: logitech-dj: Remove duplicate error logging (git-fixes).
- backlight: lp855x: Fix lp855x.h kernel-doc warnings (git-fixes).
- backlight: led-bl: Add devlink to supplier LEDs (git-fixes).
- leds: netxbig: Fix GPIO descriptor leak in error paths
(git-fixes).
- leds: leds-lp50xx: Enable chip before any communication
(git-fixes).
- leds: leds-lp50xx: LP5009 supports 3 modules for a total of
9 LEDs (git-fixes).
- leds: leds-lp50xx: Allow LED 0 to be added to module bank
(git-fixes).
- hwmon: (max16065) Use local variable to avoid TOCTOU
(git-fixes).
- hwmon: (w83l786ng) Convert macros to functions to avoid TOCTOU
(git-fixes).
- hwmon: sy7636a: Fix regulator_enable resource leak on error path
(git-fixes).
- ASoC: Intel: catpt: Fix error path in hw_params() (git-fixes).
- ASoC: stm32: sai: fix OF node leak on probe (git-fixes).
- ASoC: stm32: sai: fix clk prepare imbalance on probe failure
(git-fixes).
- ASoC: stm32: sai: fix device leak on probe (git-fixes).
- ASoC: qcom: q6asm-dai: perform correct state check before
closing (git-fixes).
- ASoC: qcom: qdsp6: q6asm-dai: set 10 ms period and buffer
alignment (git-fixes).
- ASoC: qcom: q6adm: the the copp device only during last instance
(git-fixes).
- ALSA: dice: fix buffer overflow in detect_stream_formats()
(git-fixes).
- ASoC: fsl_xcvr: clear the channel status control memory
(git-fixes).
- drm/amdgpu: add missing lock to amdgpu_ttm_access_memory_sdma
(git-fixes).
- drm/amd/display: Fix logical vs bitwise bug in
get_embedded_panel_info_v2_1() (git-fixes).
- drm/nouveau: restrict the flush page to a 32-bit address
(git-fixes).
- drm/mediatek: Fix device node reference leak in
mtk_dp_dt_parse() (git-fixes).
- drm/mediatek: Fix CCORR mtk_ctm_s31_32_to_s1_n function issue
(git-fixes).
- drm/msm/a6xx: Flush LRZ cache before PT switch (git-fixes).
- drm/msm/a6xx: Fix out of bound IO access in
a6xx_get_gmu_registers (git-fixes).
- drm/msm/a2xx: stop over-complaining about the legacy firmware
(git-fixes).
- drm/msm/dpu: Remove dead-code in
dpu_encoder_helper_reset_mixers() (git-fixes).
- drm/vgem-fence: Fix potential deadlock on release (git-fixes).
- drm/gma500: Remove unused helper psb_fbdev_fb_setcolreg()
(git-fixes).
- gpu: host1x: Fix race in syncpt alloc/free (git-fixes).
- commit 7fcfbe3
- RDMA/irdma: Remove unused struct irdma_cq fields (git-fixes)
Refresh patches.suse/RDMA-irdma-Set-irdma_cq-cq_num-field-during-CQ-creat.patch
- commit acb152c
- wifi: nl80211: vendor-cmd: intel: fix a blank kernel-doc line
warning (git-fixes).
- wifi: ieee80211: correct FILS status codes (git-fixes).
- mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()
(git-fixes).
- wifi: mt76: Fix DTS power-limits on little endian systems
(git-fixes).
- wifi: rtl818x: rtl8187: Fix potential buffer underflow in
rtl8187_rx_cb() (git-fixes).
- wifi: rtl818x: Fix potential memory leaks in
rtl8180_init_rx_ring() (git-fixes).
- wifi: mac80211: fix CMAC functions not handling errors
(git-fixes).
- net: phy: adin1100: Fix software power-down ready condition
(git-fixes).
- wifi: cw1200: Fix potential memory leak in cw1200_bh_rx_helper()
(git-fixes).
- wifi: ath11k: fix peer HE MCS assignment (git-fixes).
- wifi: ath11k: restore register window after global reset
(git-fixes).
- lib/vsprintf: Check pointer before dereferencing in
time_and_date() (git-fixes).
- Documentation/kernel-parameters: fix typo in retbleed= kernel
parameter description (git-fixes).
- Documentation: parport-lowlevel: Separate function listing
code blocks (git-fixes).
- docs: w1: fix w1-netlink invalid URL (git-fixes).
- crypto: ccree - Correctly handle return of sg_nents_for_len
(git-fixes).
- crypto: iaa - Fix incorrect return value in save_iaa_wq()
(git-fixes).
- crypto: rockchip - drop redundant crypto_skcipher_ivsize()
calls (git-fixes).
- crypto: hisilicon/qm - restore original qos values (git-fixes).
- crypto: asymmetric_keys - prevent overflow in
asymmetric_key_generate_id (git-fixes).
- crypto: authenc - Correctly pass EINPROGRESS back up to the
caller (git-fixes).
- ima: Handle error code returned by ima_filter_rule_match()
(git-fixes).
- KEYS: trusted: Fix a memory leak in tpm2_load_cmd (git-fixes).
- KEYS: trusted_tpm1: Compare HMAC values in constant time
(git-fixes).
- commit 912d691
- btrfs: make sure extent and csum paths are always released in
scrub_raid56_parity_stripe() (git-fixes).
- commit 6dcb53c
- ACPI: property: Fix fwnode refcount leak in
acpi_fwnode_graph_parse_endpoint() (git-fixes).
- ACPI: processor_core: fix map_x2apic_id for amd-pstate on am4
(git-fixes).
- efi/libstub: Fix page table access in 5-level to 4-level paging
transition (git-fixes).
- efi/libstub: Describe missing 'out' parameter in efi_load_initrd
(git-fixes).
- commit 242aae6
- Input: cros_ec_keyb - fix an invalid memory access
(stable-fixes).
- Input: goodix - add support for ACPI ID GDIX1003 (stable-fixes).
- drm/amdgpu: Skip emit de meta data on gfx11 with rs64 enabled
(stable-fixes).
- drm/amd/display: Increase DPCD read retries (stable-fixes).
- drm/amd/display: Move sleep into each retry for
retrieve_link_cap() (stable-fixes).
- kconfig/nconf: Initialize the default locale at startup
(stable-fixes).
- kconfig/mconf: Initialize the default locale at startup
(stable-fixes).
- Input: goodix - add support for ACPI ID GDX9110 (stable-fixes).
- commit 7011d30
- orangefs: fix xattr related buffer overflow.. (git-fixes).
- commit f97ca07
- rpm/mkspec: Exclude azure from kernel-syms dependencies
Similar to rt azure was initially a separate kernel variant, and not all
KMPs are built for it. kernel-azure-devel should be included as explicit
build depedency to get a KMP for this kernel flavor.
- commit c174e9b
- spi: amlogic-spifc-a1: Handle devm_pm_runtime_enable() errors
(git-fixes).
- spi: bcm63xx: fix premature CS deassertion on RX-only
transactions (git-fixes).
- firmware: stratix10-svc: fix bug in saving controller data
(git-fixes).
- iio: st_lsm6dsx: Fixed calibrated timestamp calculation
(git-fixes).
- iio: imu: st_lsm6dsx: fix array size for st_lsm6dsx_settings
fields (git-fixes).
- iio: accel: fix ADXL355 startup race condition (git-fixes).
- iio:common:ssp_sensors: Fix an error handling path ssp_probe()
(git-fixes).
- iio: adc: ad7280a: fix ad7280_store_balance_timer() (git-fixes).
- most: usb: fix double free on late probe failure (git-fixes).
- slimbus: ngd: Fix reference count leak in
qcom_slim_ngd_notify_slaves (git-fixes).
- serial: amba-pl011: prefer dma_mapping_error() over explicit
address checking (git-fixes).
- usb: gadget: renesas_usbf: Handle devm_pm_runtime_enable()
errors (git-fixes).
- USB: storage: Remove subclass and protocol overrides from
Novatek quirk (git-fixes).
- usb: uas: fix urb unmapping issue when the uas device is remove
during ongoing data transfer (git-fixes).
- usb: dwc3: Fix race condition between concurrent
dwc3_remove_requests() call paths (git-fixes).
- xhci: dbgtty: fix device unregister (git-fixes).
- usb: gadget: f_eem: Fix memory leak in eem_unwrap (git-fixes).
- drivers/usb/dwc3: fix PCI parent check (git-fixes).
- usb: storage: Fix memory leak in USB bulk transport (git-fixes).
- usb: cdns3: Fix double resource release in cdns3_pci_probe
(git-fixes).
- mailbox: mailbox-test: Fix debugfs_create_dir error checking
(git-fixes).
- drm: sti: fix device leaks at component probe (git-fixes).
- drm/amdgpu: fix cyan_skillfish2 gpu info fw handling
(git-fixes).
- commit 17705d7
- net: dlink: handle copy_thresh allocation failure (CVE-2025-40053 bsc#1252808)
- commit 975011b
- pid: Add a judgment for ns null in pid_nr_ns (CVE-2025-40178 bsc#1253463)
- commit ce07984
- net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() (CVE-2025-40187 bsc#1253647)
- commit e8a76b4
- can: sun4i_can: sun4i_can_interrupt(): fix max irq loop handling
(git-fixes).
- can: gs_usb: gs_usb_xmit_callback(): fix handling of failed
transmitted URBs (git-fixes).
- can: sja1000: fix max irq loop handling (git-fixes).
- can: kvaser_usb: leaf: Fix potential infinite loop in command
parsers (git-fixes).
- net: phy: mxl-gpy: fix link properties on USXGMII and internal
PHYs (git-fixes).
- atm/fore200e: Fix possible data race in fore200e_open()
(git-fixes).
- Bluetooth: SMP: Fix not generating mackey and ltk when repairing
(git-fixes).
- Bluetooth: hci_sock: Prevent race in socket write iter and
sock bind (git-fixes).
- net: phy: mxl-gpy: fix bogus error on USXGMII and integrated
PHY (git-fixes).
- platform/x86: intel: punit_ipc: fix memory corruption
(git-fixes).
- atm: idt77252: Add missing `dma_map_error()` (stable-fixes).
- commit 2366cbf
- remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() (CVE-2025-40033 bsc#1252824)
- commit 2054391
- dm: fix NULL pointer dereference in __dm_suspend() (CVE-2025-40134 bsc#1253386)
- commit 1e5953d
- dm: fix queue start/stop imbalance under suspend/load/resume races (bsc#1253386)
- commit bd1d198
- KVM: arm64: Prevent access to vCPU events before init (CVE-2025-40102 bsc#1252919)
- commit 104fba7
- perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (CVE-2025-40081 bsc#1252776)
- commit f1cab17
- Add dtb-spacemit
SpacemiT boards include MilkV-Jupiter, Banana Pi F3 and Orange Pi RV2.
- commit f2f396d
- scsi: lpfc: Update lpfc version to 14.4.0.12 (bsc#1254119).
- scsi: lpfc: Add capability to register Platform Name ID to
fabric (bsc#1254119).
- scsi: lpfc: Allow support for BB credit recovery in
point-to-point topology (bsc#1254119).
- scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED
during FLOGI (bsc#1254119).
- scsi: lpfc: Modify kref handling for Fabric Controller ndlps
(bsc#1254119).
- scsi: lpfc: Fix leaked ndlp krefs when in point-to-point
topology (bsc#1254119).
- scsi: lpfc: Ensure unregistration of rpis for received PLOGIs
(bsc#1254119).
- scsi: lpfc: Remove redundant NULL ptr assignment in
lpfc_els_free_iocb() (bsc#1254119).
- scsi: lpfc: Revise discovery related function headers and
comments (bsc#1254119).
- scsi: lpfc: Update various NPIV diagnostic log messaging
(bsc#1254119).
- commit bfcfc18
- nvme-multipath: fix lockdep WARN due to partition scan work
(git-fixes bsc#1233640 CVE-2024-53093).
- commit 28a7b7d
- dm-integrity: limit MAX_TAG_SIZE to 255 (git-fixes).
- commit a7bb416
- nvme: Use non zero KATO for persistent discovery connections
(git-fixes).
- commit 4d9eece
- crmsh
-
- Update to version 4.6.2+20260126.475e4dc3:
* Dev: options: Change 'force' option to be session-only (bsc#1254892)
* Fix: sbd: Allow setting -1 to stonith-watchdog-timeout (bsc#1257143)
- glib2
-
- Add glib2-CVE-2026-0988.patch: fix a potential integer overflow
in g_buffered_input_stream_peek (bsc#1257049 CVE-2026-0988
glgo#GNOME/glib#3851).
- harfbuzz
-
- Add harfbuzz-CVE-2026-22693.patch: fix a NULL pointer dereference
(bsc#1256459 CVE-2026-22693).
- openssl-1_1
-
- Security fixes:
* Missing ASN1_TYPE validation in PKCS#12 parsing
* ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function
- openssl-CVE-2026-22795.patch [bsc#1256839, CVE-2026-22795], [bsc#1256840, CVE-2026-22796]
* Missing ASN1_TYPE validation in TS_RESP_verify_response() function
- openssl-CVE-2025-69420.patch [bsc#1256837, CVE-2025-69420]
* NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function
- openssl-CVE-2025-69421.patch [bsc#1256838, CVE-2025-69421]
* Heap out-of-bounds write in BIO_f_linebuffer on short writes
- openssl-CVE-2025-68160.patch [bsc#1256834, CVE-2025-68160]
* Unauthenticated/unencrypted trailing bytes with low-level OCB function calls
- openssl-CVE-2025-69418.patch [bsc#1256835, CVE-2025-69418]
* Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion
- openssl-CVE-2025-69419.patch [bsc#1256836, CVE-2025-69419]
- openssl-3
-
- Security fixes:
* Missing ASN1_TYPE validation in PKCS#12 parsing
- openssl-CVE-2026-22795.patch [bsc#1256839, CVE-2026-22795]
* ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function
- openssl-CVE-2026-22795.patch [bsc#1256840, CVE-2026-22796]
* Missing ASN1_TYPE validation in TS_RESP_verify_response() function
- openssl-CVE-2025-69420.patch [bsc#1256837, CVE-2025-69420]
* NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function
- openssl-CVE-2025-69421.patch [bsc#1256838, CVE-2025-69421]
* Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion
- openssl-CVE-2025-69419.patch [bsc#1256836, CVE-2025-69419]
* Heap out-of-bounds write in BIO_f_linebuffer on short writes
- openssl-CVE-2025-68160.patch [bsc#1256834, CVE-2025-68160]
* Unauthenticated/unencrypted trailing bytes with low-level OCB function calls
- openssl-CVE-2025-69418.patch [bsc#1256835, CVE-2025-69418]
* Stack buffer overflow in CMS AuthEnvelopedData parsing
- openssl-CVE-2025-15467.patch [bsc#1256830, CVE-2025-15467]
- openssl-CVE-2025-15467-comments.patch
- openssl-CVE-2025-15467-test.patch
- libpng16
-
- security update
- added patches
CVE-2025-28162 [bsc#1257364], memory leaks when running `pngimage`
CVE-2025-28164 [bsc#1257365], memory leaks when running `pngimage`
* libpng16-CVE-2025-28162,28164.patch
- python311
-
- Add CVE-2025-13836-http-resp-cont-len.patch (bsc#1254400,
CVE-2025-13836) to prevent reading an HTTP response from
a server, if no read amount is specified, with using
Content-Length per default as the length.
- Add CVE-2025-12084-minidom-quad-search.patch prevent quadratic
behavior in node ID cache clearing (CVE-2025-12084,
bsc#1254997).
- Add CVE-2025-13837-plistlib-mailicious-length.patch protect
against OOM when loading malicious content (CVE-2025-13837,
bsc#1254401).
- tiff
-
- security update:
* CVE-2025-9900 [bsc#1250413]
Fix Write-What-Where in libtiff via TIFFReadRGBAImageOriented
- python-certifi
-
- Add python36-certifi provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-decorator
-
- Add python36-decorator provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-idna
-
- Add python36-idna provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-importlib-metadata
-
- Add python36-importlib-metadata provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-packaging
-
- Add python36-packaging provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-psutil
-
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- python-pycparser
-
- Add python36-pycparser provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-python-dateutil
-
- Add python36-python-dateutil provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-pytz
-
- Add python36-pytz provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-py
-
- Add python36-py provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-requests
-
- Add python36- provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-six
-
- Add python36-six provides/obsoletes to enable SLE-12 ->
SLE-15 migration, bsc#1233012
- python-setuptools
-
- Add patch pep-0639.patch to implement basic PEP 639 support,
jsc#PED-14457, bsc#1254255
- Skip failing test test_debugging_tips
- supportutils
-
- Changes to version 3.2.12
+ Optimized lsof usage and honors OPTION_OFILES (bsc#1232351, PR#274)
+ Run in containers without errors (bsc#1245667, PR#272)
+ Removed pmap PID from memory.txt (bsc#1246011, PR#263)
+ Added missing /proc/pagetypeinfo to memory.txt (bsc#1246025, PR#264)
+ Improved database perforce with kGraft patching (bsc#1249657, PR#273)
+ Using last boot for journalctl for optimization (bsc#1250224, PR#287)
+ Fixed extraction failures (bsc#1252318, PR#275)
+ Update supportconfig.conf path in docs (bsc#1254425, PR#281)
+ drm_sub_info: Catch error when dir doesn't exist (PR#265)
+ Replace remaining `egrep` with `grep -E` (PR#261, PR#266)
+ Add process affinity to slert logs (PR#269)
+ Reintroduce cgroup statistics (and v2) (PR#270)
+ Minor changes to basic-health-check: improve information level (PR#271)
+ Collect important machine health counters (PR#276)
+ powerpc: collect hot-pluggable PCI and PHB slots (PR#278)
+ podman: collect podman disk usage (PR#279)
+ Exclude binary files in crondir (PR#282)
+ kexec/kdump: collect everything under /sys/kernel/kexec dir (PR#284)
+ Use short-iso for journalctl (PR#288)
- Changes to version 3.2.11
+ Collect rsyslog frule files (bsc#1244003, pr#257)
+ Remove proxy passwords (bsc#1244011, pr#257)
+ Missing NetworkManager information (bsc#1241284, pr#257)
+ Include agama logs bsc#1244937, pr#256)
+ Additional NFS conf files (pr#253)
+ New fadump sysfs files (pr#252)
+ Fixed change log dates
- xen
-
- bsc#1256745 - VUL-0: CVE-2025-58150: xen: x86: buffer overrun
with shadow paging + tracing (XSA-477)
xsa477.patch
- bsc#1256747 - VUL-0: CVE-2026-23553: xen: x86: incomplete IBPB
for vCPU isolation (XSA-479)
xsa479.patch