SUSE alert SUSE-SU-2025:20483-1 (kernel)
| From: | SLE-SECURITY-UPDATES <null@suse.de> | |
| To: | sle-security-updates@lists.suse.com | |
| Subject: | SUSE-SU-2025:20483-1: important: Security update for the Linux Kernel | |
| Date: | Mon, 21 Jul 2025 20:31:57 -0000 | |
| Message-ID: | <175312991798.1882.13481647065747509133@smelt2.prg2.suse.org> |
# Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:20483-1 Release Date: 2025-07-18T12:21:16Z Rating: important References: * bsc#1210025 * bsc#1211226 * bsc#1215199 * bsc#1218184 * bsc#1223008 * bsc#1235490 * bsc#1236208 * bsc#1237312 * bsc#1237913 * bsc#1238859 * bsc#1238982 * bsc#1240577 * bsc#1240610 * bsc#1240686 * bsc#1240814 * bsc#1241166 * bsc#1241278 * bsc#1241414 * bsc#1241544 * bsc#1241572 * bsc#1241592 * bsc#1242504 * bsc#1242515 * bsc#1242521 * bsc#1242556 * bsc#1242725 * bsc#1242907 * bsc#1243051 * bsc#1243060 * bsc#1243342 * bsc#1243467 * bsc#1243480 * bsc#1243506 * bsc#1243523 * bsc#1243538 * bsc#1243544 * bsc#1243551 * bsc#1243620 * bsc#1243698 * bsc#1243774 * bsc#1243823 * bsc#1243827 * bsc#1243832 * bsc#1243847 * bsc#1244100 * bsc#1244145 * bsc#1244172 * bsc#1244176 * bsc#1244229 * bsc#1244234 * bsc#1244241 * bsc#1244274 * bsc#1244275 * bsc#1244277 * bsc#1244309 * bsc#1244313 * bsc#1244337 * bsc#1244626 * bsc#1244725 * bsc#1244727 * bsc#1244729 * bsc#1244731 * bsc#1244732 * bsc#1244736 * bsc#1244737 * bsc#1244738 * bsc#1244739 * bsc#1244743 * bsc#1244746 * bsc#1244759 * bsc#1244789 * bsc#1244862 * bsc#1244906 * bsc#1244938 * bsc#1244995 * bsc#1244996 * bsc#1244999 * bsc#1245001 * bsc#1245003 * bsc#1245004 * bsc#1245025 * bsc#1245042 * bsc#1245046 * bsc#1245078 * bsc#1245081 * bsc#1245082 * bsc#1245083 * bsc#1245155 * bsc#1245183 * bsc#1245193 * bsc#1245210 * bsc#1245217 * bsc#1245225 * bsc#1245226 * bsc#1245228 * bsc#1245431 * bsc#1245455 * jsc#PED-12551 Cross-References: * CVE-2024-26831 * CVE-2024-56613 * CVE-2024-56699 * CVE-2024-57982 * CVE-2024-58053 * CVE-2025-21658 * CVE-2025-21720 * CVE-2025-21898 * CVE-2025-21899 * CVE-2025-21920 * CVE-2025-21959 * CVE-2025-22035 * CVE-2025-22083 * CVE-2025-22111 * CVE-2025-22120 * CVE-2025-37756 * CVE-2025-37757 * CVE-2025-37786 * CVE-2025-37811 * CVE-2025-37859 * CVE-2025-37884 * CVE-2025-37909 * CVE-2025-37921 * CVE-2025-37923 * CVE-2025-37927 * CVE-2025-37938 * CVE-2025-37945 * CVE-2025-37946 * CVE-2025-37961 * CVE-2025-37973 * CVE-2025-37992 * CVE-2025-37994 * CVE-2025-37995 * CVE-2025-37997 * CVE-2025-38000 * CVE-2025-38001 * CVE-2025-38003 * CVE-2025-38004 * CVE-2025-38005 * CVE-2025-38007 * CVE-2025-38009 * CVE-2025-38010 * CVE-2025-38011 * CVE-2025-38013 * CVE-2025-38014 * CVE-2025-38015 * CVE-2025-38018 * CVE-2025-38020 * CVE-2025-38022 * CVE-2025-38023 * CVE-2025-38024 * CVE-2025-38027 * CVE-2025-38031 * CVE-2025-38040 * CVE-2025-38043 * CVE-2025-38044 * CVE-2025-38045 * CVE-2025-38053 * CVE-2025-38057 * CVE-2025-38059 * CVE-2025-38060 * CVE-2025-38065 * CVE-2025-38068 * CVE-2025-38072 * CVE-2025-38077 * CVE-2025-38078 * CVE-2025-38079 * CVE-2025-38080 * CVE-2025-38081 * CVE-2025-38083 CVSS scores: * CVE-2024-26831 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26831 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56613 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-56613 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-56613 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56699 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-56699 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-57982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-57982 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-58053 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21658 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21658 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21898 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21898 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21899 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21920 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-21959 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21959 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22035 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-22035 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-22083 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22111 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22111 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22120 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37757 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37786 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37811 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37859 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37859 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37884 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37884 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37909 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-37909 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-37921 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-37921 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2025-37923 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-37923 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2025-37927 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-37927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2025-37938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37961 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37992 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37994 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-37994 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-37995 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-37995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-37997 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-37997 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38000 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38000 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38001 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38001 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38003 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38003 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38004 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38004 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-38005 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38005 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38007 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38009 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38009 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38010 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-38010 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-38011 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38013 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38013 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2025-38014 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38014 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38015 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38018 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38020 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38020 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38022 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38022 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38023 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38023 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38024 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38027 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38027 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38031 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38031 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2025-38040 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38040 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38043 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-38043 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2025-38044 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-38044 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2025-38045 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-38045 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2025-38053 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38057 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38057 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38059 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38059 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38060 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38060 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38065 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38065 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38068 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38068 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-38072 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38072 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38077 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38078 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38078 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38080 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38081 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38081 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves 70 vulnerabilities, contains one feature and has 27 fixes can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup (bsc#1237913). * CVE-2024-58053: rxrpc: Fix handling of received connection abort (bsc#1238982). * CVE-2025-21720: xfrm: delete intermediate secpath entry in packet offload mode (bsc#1238859). * CVE-2025-21898: ftrace: Avoid potential division by zero in function_stat_show() (bsc#1240610). * CVE-2025-21899: tracing: Fix bad hist from corrupting named_triggers list (bsc#1240577). * CVE-2025-21920: vlan: enforce underlying device type (bsc#1240686). * CVE-2025-21959: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (bsc#1240814). * CVE-2025-22035: tracing: Fix use-after-free in print_graph_function_flags during tracer switching (bsc#1241544). * CVE-2025-22111: kABI fix for net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF (bsc#1241572). * CVE-2025-37756: net: tls: explicitly disallow disconnect (bsc#1242515). * CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit (bsc#1242521). * CVE-2025-37786: net: dsa: free routing table on probe failure (bsc#1242725). * CVE-2025-37811: usb: chipidea: ci_hdrc_imx: fix usbmisc handling (bsc#1242907). * CVE-2025-37859: page_pool: avoid infinite loop to schedule delayed worker (bsc#1243051). * CVE-2025-37884: bpf: Fix deadlock between rcu_tasks_trace and event_mutex (bsc#1243060). * CVE-2025-37909: net: lan743x: Fix memleak issue when GSO enabled (bsc#1243467). * CVE-2025-37921: vxlan: vnifilter: Fix unlocked deletion of default FDB entry (bsc#1243480). * CVE-2025-37923: tracing: Fix oob write in trace_seq_to_buffer() (bsc#1243551). * CVE-2025-37927: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (bsc#1243620). * CVE-2025-37938: tracing: Verify event formats that have "%*p.." (bsc#1243544). * CVE-2025-37945: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY (bsc#1243538). * CVE-2025-37961: ipvs: fix uninit-value for saddr in do_output_route4 (bsc#1243523). * CVE-2025-37992: net_sched: Flush gso_skb list too during ->change() (bsc#1243698). * CVE-2025-37995: module: ensure that kobject_put() is safe for module type kobjects (bsc#1243827). * CVE-2025-37997: netfilter: ipset: fix region locking in hash types (bsc#1243832). * CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1244277). * CVE-2025-38001: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (bsc#1244234). * CVE-2025-38011: drm/amdgpu: csa unmap use uninterruptible lock (bsc#1244729). * CVE-2025-38018: net/tls: fix kernel panic when alloc_page failed (bsc#1244999). * CVE-2025-38053: idpf: fix null-ptr-deref in idpf_features_check (bsc#1244746). * CVE-2025-38057: espintcp: fix skb leaks (bsc#1244862). * CVE-2025-38060: bpf: abort verification if env->cur_state->loop_entry != NULL (bsc#1245155). * CVE-2025-38072: libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743). The following non-security bugs were fixed: * ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes). * ACPI: battery: negate current when discharging (stable-fixes). * ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes). * ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes). * ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes). * ACPICA: fix acpi parse and parseext cache leaks (stable-fixes). * ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes). * ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes). * ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes). * ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes). * ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable- fixes). * ALSA: usb-audio: Accept multiple protocols in GTBs (stable-fixes). * ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes). * ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable- fixes). * ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes). * ALSA: usb-audio: Add name for HP Engage Go dock (stable-fixes). * ALSA: usb-audio: Check shutdown at endpoint_set_interface() (stable-fixes). * ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() (git- fixes). * ALSA: usb-audio: Fix duplicated name in MIDI substream names (stable-fixes). * ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes). * ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes). * ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes). * ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry (stable-fixes). * ALSA: usb-audio: Skip setting clock selector for single connections (stable- fixes). * ALSA: usb-audio: Support multiple control interfaces (stable-fixes). * ALSA: usb-audio: Support read-only clock selector control (stable-fixes). * ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes). * ALSA: usb-audio: mixer: Remove temporary string use in parse_clock_source_unit (stable-fixes). * ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes). * ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes). * ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes). * Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes). * Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes). * Bluetooth: MGMT: Fix sparse errors (git-fixes). * Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes). * Bluetooth: Remove pending ACL connection attempts (stable-fixes). * Bluetooth: hci_conn: Fix UAF Write in __hci_acl_create_connection_sync (git- fixes). * Bluetooth: hci_conn: Only do ACL connections sequentially (stable-fixes). * Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes). * Bluetooth: hci_event: Fix not using key encryption size when its known (git- fixes). * Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync (git-fixes). * Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (git-fixes). * Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git- fixes). * HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes). * HID: wacom: fix kobject reference count leak (git-fixes). * HID: wacom: fix memory leak on kobject creation failure (git-fixes). * HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes). * Input: sparcspkr - avoid unannotated fall-through (stable-fixes). * KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1245225). * NFC: nci: uart: Set tty->disc_data only in success path (git-fixes). * PCI/DPC: Log Error Source ID only when valid (git-fixes). * PCI/DPC: Use defines with DPC reason fields (git-fixes). * PCI/MSI: Size device MSI domain with the maximum number of vectors (git- fixes). * PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes). * PCI: apple: Set only available ports up (git-fixes). * PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up() (git-fixes). * PCI: dwc: ep: Correct PBA offset in .set_msix() callback (git-fixes). * PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git- fixes). * PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable- fixes). * RDMA/core: Fix best page size finding when it can cross SG entries (git- fixes) * RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject() (git-fixes) * Revert "ALSA: usb-audio: Skip setting clock selector for single connections" (stable-fixes). * Revert "arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes) * Revert "kABI: ipv6: save dontfrag in cork (git-fixes)." * USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable- fixes). * arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes) * ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (stable-fixes). * ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes). * ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes). * bnxt: properly flush XDP redirect lists (git-fixes). * bpf: Force uprobe bpf program to always return 0 (git-fixes). * btrfs: fix fsync of files with no hard links not persisting deletion (git- fixes). * btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes). * btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes). * btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes). * btrfs: remove end_no_trans label from btrfs_log_inode_parent() (git-fixes). * btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (git-fixes). * bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes). * calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes). * can: tcan4x5x: fix power regulator retrieval during probe (git-fixes). * ceph: Fix incorrect flush end position calculation (git-fixes). * ceph: allocate sparse_ext map only for sparse reads (git-fixes). * ceph: fix memory leaks in __ceph_sync_read() (git-fixes). * cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166). * clocksource: Fix brown-bag boolean thinko in (git-fixes) * clocksource: Make watchdog and suspend-timing multiplication (git-fixes) * devlink: Fix referring to hw_addr attribute during state validation (git- fixes). * devlink: fix port dump cmd type (git-fixes). * drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes). * drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes). * drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes). * drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes). * drm/i915: fix build error some more (git-fixes). * drm/msm/disp: Correct porch timing for SDM845 (git-fixes). * drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes). * drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes). * drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes). * e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git- fixes). * fbcon: Make sure modelist not set on unregistered console (stable-fixes). * fgraph: Still initialize idle shadow stacks when starting (git-fixes). * firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git- fixes). * gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes). * gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes). * gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git- fixes). * hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes). * hwmon: (nct6775): Actually make use of the HWMON_NCT6775 symbol namespace (git-fixes). * hwmon: (occ) Rework attribute registration for stack usage (git-fixes). * hwmon: (occ) fix unaligned accesses (git-fixes). * hwmon: (peci/dimmtemp) Do not provide fake thresholds data (git-fixes). * hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu (git-fixes). * i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes). * i2c: npcm: Add clock toggle recovery (stable-fixes). * i2c: robotfuzz-osif: disable zero-length read messages (git-fixes). * i2c: tiny-usb: disable zero-length read messages (git-fixes). * i40e: retry VFLR handling if there is ongoing VF reset (git-fixes). * i40e: return false from i40e_reset_vf if reset is in progress (git-fixes). * ice: Fix LACP bonds without SRIOV environment (git-fixes). * ice: create new Tx scheduler nodes for new queues only (git-fixes). * ice: fix Tx scheduler error handling in XDP callback (git-fixes). * ice: fix rebuilding the Tx scheduler tree for large queue counts (git- fixes). * ice: fix vf->num_mac count with port representors (git-fixes). * ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650). * iommu: Skip PASID validation for devices without PASID capability (bsc#1244100) * iommu: Validate the PASID in iommu_attach_device_pasid() (bsc#1244100) * isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774). * kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes). * kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git- fixes). * kabi: restore layout of struct cgroup_subsys (bsc#1241166). * kabi: restore layout of struct mem_control (jsc#PED-12551). * kabi: restore layout of struct page_counter (jsc#PED-12551). * loop: add file_start_write() and file_end_write() (git-fixes). * md/raid1,raid10: do not handle IO error for REQ_RAHEAD and REQ_NOWAIT (git- fixes). * mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337). * mm, memcg: cg2 memory{.swap,}.peak write handlers (jsc#PED-12551). * mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431). * mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431). * mm/memcontrol: export memcg.swap watermark via sysfs for v2 memcg (jsc#PED-12551). * mmc: Add quirk to disable DDR50 tuning (stable-fixes). * net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git- fixes). * net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes). * net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes). * net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git- fixes). * net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes). * net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes). * net/mlx5: Fix return value when searching for existing flow group (git- fixes). * net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes). * net/mlx5e: Fix leak of Geneve TLV option object (git-fixes). * net/sched: fix use-after-free in taprio_dev_notifier (git-fixes). * net: Fix TOCTOU issue in sk_is_readable() (git-fixes). * net: ice: Perform accurate aRFS flow match (git-fixes). * net: mana: Add support for Multi Vports on Bare metal (bsc#1244229). * net: mana: Record doorbell physical address in PF mode (bsc#1244229). * net: phy: move phy_link_change() prior to mdio_bus_phy_may_suspend() (bsc#1243538) * net_sched: ets: fix a race in ets_qdisc_change() (git-fixes). * net_sched: prio: fix a race in prio_tune() (git-fixes). * net_sched: red: fix a race in __red_change() (git-fixes). * net_sched: sch_fifo: implement lockless __fifo_dump() (bsc#1237312) * net_sched: sch_sfq: reject invalid perturb period (git-fixes). * net_sched: tbf: fix a race in tbf_change() (git-fixes). * netlink: fix potential sleeping issue in mqueue_flush_file (git-fixes). * netlink: specs: dpll: replace underscores with dashes in names (git-fixes). * nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git- fixes). * ntp: Clamp maxerror and esterror to operating range (git-fixes) * ntp: Remove invalid cast in time offset math (git-fixes) * ntp: Safeguard against time_constant overflow (git-fixes) * nvme-fc: do not reference lsrsp after failure (bsc#1245193). * nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git- fixes). * nvme-pci: add quirks for WDC Blue SN550 15b7:5009 (git-fixes). * nvme-pci: add quirks for device 126f:1001 (git-fixes). * nvme: always punt polled uring_cmd end_io work to task_work (git-fixes). * nvme: fix command limits status code (git-fixes). * nvme: fix implicit bool to flags conversion (git-fixes). * nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193). * nvmet-fc: take tgtport refs for portentry (bsc#1245193). * nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193). * nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193). * nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193). * nvmet-fcloop: do not wait for lport cleanup (bsc#1245193). * nvmet-fcloop: drop response if targetport is gone (bsc#1245193). * nvmet-fcloop: prevent double port deletion (bsc#1245193). * nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193). * nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193). * nvmet-fcloop: remove nport from list on last user (bsc#1245193). * nvmet-fcloop: track ref counts for nports (bsc#1245193). * nvmet-fcloop: update refs on tfcp_req (bsc#1245193). * pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable- fixes). * pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes). * pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes). * pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes). * pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes). * pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes). * pinctrl: st: Drop unused st_gpio_bank() function (git-fixes). * platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes). * platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes). * platform/x86: dell_rbu: Fix list usage (git-fixes). * platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes). * platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes). * power: supply: bq27xxx: Retrieve again when busy (stable-fixes). * power: supply: collie: Fix wakeup source leaks on device unbind (stable- fixes). * powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199). * powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790). * powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790). * ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() (git-fixes). * r8152: add vendor/device ID pair for Dell Alienware AW1022z (git-fixes). * regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes). * rpm/kernel-source.changes.old: Drop bogus bugzilla reference (bsc#1244725) * rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes). * rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes). * s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1245226). * s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245228). * scsi: dc395x: Remove DEBUG conditional compilation (git-fixes). * scsi: dc395x: Remove leftover if statement in reselect() (git-fixes). * scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes). * scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes). * scsi: iscsi: Fix incorrect error path labels for flashnode operations (git- fixes). * scsi: mpi3mr: Add level check to control event logging (git-fixes). * scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes). * scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git- fixes). * scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git- fixes). * scsi: st: ERASE does not change tape location (git-fixes). * scsi: st: Restore some drive settings after reset (git-fixes). * scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes). * scsi: storvsc: Do not report the host packet status as the hv status (git- fixes). * scsi: storvsc: Increase the timeouts to storvsc_timeout (git-fixes). * serial: imx: Restore original RXTL for console to fix data loss (git-fixes). * serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes). * serial: sh-sci: Move runtime PM enable to sci_probe_single() (stable-fixes). * software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes). * staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git- fixes). * struct usci: hide additional member (git-fixes). * sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git- fixes). * thunderbolt: Do not double dequeue a configuration request (stable-fixes). * timekeeping: Fix bogus clock_was_set() invocation in (git-fixes) * timekeeping: Fix cross-timestamp interpolation corner case (git-fixes) * timekeeping: Fix cross-timestamp interpolation for non-x86 (git-fixes) * timekeeping: Fix cross-timestamp interpolation on counter (git-fixes) * trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes). * tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git- fixes). * tracing: Add __print_dynamic_array() helper (bsc#1243544). * tracing: Add __string_len() example (bsc#1243544). * tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git- fixes). * tracing: Fix compilation warning on arm32 (bsc#1243551). * tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes). * truct dwc3 hide new member wakeup_pending_funcs (git-fixes). * ucsi_debugfs_entry: hide signedness change (git-fixes). * uprobes: Use kzalloc to allocate xol area (git-fixes). * usb: dwc3: gadget: Make gadget_wakeup asynchronous (git-fixes). * usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes). * usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable- fixes). * usb: typec: ucsi: Only enable supported notifications (git-fixes). * usb: typec: ucsi: allow non-partner GET_PDOS for Qualcomm devices (git- fixes). * usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes). * usb: typec: ucsi: fix UCSI on buggy Qualcomm devices (git-fixes). * usb: typec: ucsi: limit the UCSI_NO_PARTNER_PDOS even further (git-fixes). * usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes). * vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626). * vmxnet3: support higher link speeds from vmxnet3 v9 (bsc#1244626). * vmxnet3: update MTU after device quiesce (bsc#1244626). * watchdog: da9052_wdt: respect TWDMIN (stable-fixes). * watchdog: fix watchdog may detect false positive of softlockup (stable- fixes). * watchdog: it87_wdt: add PWRGD enable quirk for Qotom QCML04 (git-fixes). * watchdog: mediatek: Add support for MT6735 TOPRGU/WDT (git-fixes). * wifi: ath11k: Fix QMI memory reuse logic (stable-fixes). * wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git- fixes). * wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes). * wifi: ath11k: do not use static variables in ath11k_debugfs_fw_stats_process() (git-fixes). * wifi: ath11k: do not wait when there is no vdev started (git-fixes). * wifi: ath11k: fix soc_dp_stats debugfs file permission (stable-fixes). * wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes). * wifi: ath11k: update channel list in worker when wait flag is set (bsc#1243847). * wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes). * wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes). * wifi: ath12k: fix a possible dead lock caused by ab->base_lock (stable- fixes). * wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes). * wifi: ath12k: fix incorrect CE addresses (stable-fixes). * wifi: ath12k: fix link valid field initialization in the monitor Rx (stable- fixes). * wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable- fixes). * wifi: carl9170: do not ping device which has failed to load firmware (git- fixes). * wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes). * wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes). * wifi: mac80211: VLAN traffic in multicast path (stable-fixes). * wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable- fixes). * wifi: mac80211: fix beacon interval calculation overflow (git-fixes). * wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes). * wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes). * wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes). * wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable- fixes). * wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes). * x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes). * x86/microcode/AMD: Add get_patch_level() (git-fixes). * x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes). * x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes). * x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes). * x86/microcode: Consolidate the loader enablement checking (git-fixes). * x86/mm/init: Handle the special case of device private pages in add_pages(), to not increase max_pfn and trigger dma_addressing_limited() bounce buffers (git-fixes). * x86/xen: fix balloon target initialization for PVH dom0 (git-fixes). * xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes) * xen/x86: fix initial memory balloon target (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-52=1 ## Package List: * SUSE Linux Micro 6.1 (noarch) * kernel-devel-rt-6.4.0-34.1 * kernel-source-rt-6.4.0-34.1 * SUSE Linux Micro 6.1 (aarch64 nosrc x86_64) * kernel-rt-6.4.0-34.1 * SUSE Linux Micro 6.1 (aarch64 x86_64) * kernel-rt-debuginfo-6.4.0-34.1 * kernel-rt-devel-6.4.0-34.1 * kernel-rt-debugsource-6.4.0-34.1 * SUSE Linux Micro 6.1 (x86_64) * kernel-rt-devel-debuginfo-6.4.0-34.1 * kernel-rt-livepatch-6.4.0-34.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26831.html * https://www.suse.com/security/cve/CVE-2024-56613.html * https://www.suse.com/security/cve/CVE-2024-56699.html * https://www.suse.com/security/cve/CVE-2024-57982.html * https://www.suse.com/security/cve/CVE-2024-58053.html * https://www.suse.com/security/cve/CVE-2025-21658.html * https://www.suse.com/security/cve/CVE-2025-21720.html * https://www.suse.com/security/cve/CVE-2025-21898.html * https://www.suse.com/security/cve/CVE-2025-21899.html * https://www.suse.com/security/cve/CVE-2025-21920.html * https://www.suse.com/security/cve/CVE-2025-21959.html * https://www.suse.com/security/cve/CVE-2025-22035.html * https://www.suse.com/security/cve/CVE-2025-22083.html * https://www.suse.com/security/cve/CVE-2025-22111.html * https://www.suse.com/security/cve/CVE-2025-22120.html * https://www.suse.com/security/cve/CVE-2025-37756.html * https://www.suse.com/security/cve/CVE-2025-37757.html * https://www.suse.com/security/cve/CVE-2025-37786.html * https://www.suse.com/security/cve/CVE-2025-37811.html * https://www.suse.com/security/cve/CVE-2025-37859.html * https://www.suse.com/security/cve/CVE-2025-37884.html * https://www.suse.com/security/cve/CVE-2025-37909.html * https://www.suse.com/security/cve/CVE-2025-37921.html * https://www.suse.com/security/cve/CVE-2025-37923.html * https://www.suse.com/security/cve/CVE-2025-37927.html * https://www.suse.com/security/cve/CVE-2025-37938.html * https://www.suse.com/security/cve/CVE-2025-37945.html * https://www.suse.com/security/cve/CVE-2025-37946.html * https://www.suse.com/security/cve/CVE-2025-37961.html * https://www.suse.com/security/cve/CVE-2025-37973.html * https://www.suse.com/security/cve/CVE-2025-37992.html * https://www.suse.com/security/cve/CVE-2025-37994.html * https://www.suse.com/security/cve/CVE-2025-37995.html * https://www.suse.com/security/cve/CVE-2025-37997.html * https://www.suse.com/security/cve/CVE-2025-38000.html * https://www.suse.com/security/cve/CVE-2025-38001.html * https://www.suse.com/security/cve/CVE-2025-38003.html * https://www.suse.com/security/cve/CVE-2025-38004.html * https://www.suse.com/security/cve/CVE-2025-38005.html * https://www.suse.com/security/cve/CVE-2025-38007.html * https://www.suse.com/security/cve/CVE-2025-38009.html * https://www.suse.com/security/cve/CVE-2025-38010.html * https://www.suse.com/security/cve/CVE-2025-38011.html * https://www.suse.com/security/cve/CVE-2025-38013.html * https://www.suse.com/security/cve/CVE-2025-38014.html * https://www.suse.com/security/cve/CVE-2025-38015.html * https://www.suse.com/security/cve/CVE-2025-38018.html * https://www.suse.com/security/cve/CVE-2025-38020.html * https://www.suse.com/security/cve/CVE-2025-38022.html * https://www.suse.com/security/cve/CVE-2025-38023.html * https://www.suse.com/security/cve/CVE-2025-38024.html * https://www.suse.com/security/cve/CVE-2025-38027.html * https://www.suse.com/security/cve/CVE-2025-38031.html * https://www.suse.com/security/cve/CVE-2025-38040.html * https://www.suse.com/security/cve/CVE-2025-38043.html * https://www.suse.com/security/cve/CVE-2025-38044.html * https://www.suse.com/security/cve/CVE-2025-38045.html * https://www.suse.com/security/cve/CVE-2025-38053.html * https://www.suse.com/security/cve/CVE-2025-38057.html * https://www.suse.com/security/cve/CVE-2025-38059.html * https://www.suse.com/security/cve/CVE-2025-38060.html * https://www.suse.com/security/cve/CVE-2025-38065.html * https://www.suse.com/security/cve/CVE-2025-38068.html * https://www.suse.com/security/cve/CVE-2025-38072.html * https://www.suse.com/security/cve/CVE-2025-38077.html * https://www.suse.com/security/cve/CVE-2025-38078.html * https://www.suse.com/security/cve/CVE-2025-38079.html * https://www.suse.com/security/cve/CVE-2025-38080.html * https://www.suse.com/security/cve/CVE-2025-38081.html * https://www.suse.com/security/cve/CVE-2025-38083.html * https://bugzilla.suse.com/show_bug.cgi?id=1210025 * https://bugzilla.suse.com/show_bug.cgi?id=1211226 * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1218184 * https://bugzilla.suse.com/show_bug.cgi?id=1223008 * https://bugzilla.suse.com/show_bug.cgi?id=1235490 * https://bugzilla.suse.com/show_bug.cgi?id=1236208 * https://bugzilla.suse.com/show_bug.cgi?id=1237312 * https://bugzilla.suse.com/show_bug.cgi?id=1237913 * https://bugzilla.suse.com/show_bug.cgi?id=1238859 * https://bugzilla.suse.com/show_bug.cgi?id=1238982 * https://bugzilla.suse.com/show_bug.cgi?id=1240577 * https://bugzilla.suse.com/show_bug.cgi?id=1240610 * https://bugzilla.suse.com/show_bug.cgi?id=1240686 * https://bugzilla.suse.com/show_bug.cgi?id=1240814 * https://bugzilla.suse.com/show_bug.cgi?id=1241166 * https://bugzilla.suse.com/show_bug.cgi?id=1241278 * https://bugzilla.suse.com/show_bug.cgi?id=1241414 * https://bugzilla.suse.com/show_bug.cgi?id=1241544 * https://bugzilla.suse.com/show_bug.cgi?id=1241572 * https://bugzilla.suse.com/show_bug.cgi?id=1241592 * https://bugzilla.suse.com/show_bug.cgi?id=1242504 * https://bugzilla.suse.com/show_bug.cgi?id=1242515 * https://bugzilla.suse.com/show_bug.cgi?id=1242521 * https://bugzilla.suse.com/show_bug.cgi?id=1242556 * https://bugzilla.suse.com/show_bug.cgi?id=1242725 * https://bugzilla.suse.com/show_bug.cgi?id=1242907 * https://bugzilla.suse.com/show_bug.cgi?id=1243051 * https://bugzilla.suse.com/show_bug.cgi?id=1243060 * https://bugzilla.suse.com/show_bug.cgi?id=1243342 * https://bugzilla.suse.com/show_bug.cgi?id=1243467 * https://bugzilla.suse.com/show_bug.cgi?id=1243480 * https://bugzilla.suse.com/show_bug.cgi?id=1243506 * https://bugzilla.suse.com/show_bug.cgi?id=1243523 * https://bugzilla.suse.com/show_bug.cgi?id=1243538 * https://bugzilla.suse.com/show_bug.cgi?id=1243544 * https://bugzilla.suse.com/show_bug.cgi?id=1243551 * https://bugzilla.suse.com/show_bug.cgi?id=1243620 * https://bugzilla.suse.com/show_bug.cgi?id=1243698 * https://bugzilla.suse.com/show_bug.cgi?id=1243774 * https://bugzilla.suse.com/show_bug.cgi?id=1243823 * https://bugzilla.suse.com/show_bug.cgi?id=1243827 * https://bugzilla.suse.com/show_bug.cgi?id=1243832 * https://bugzilla.suse.com/show_bug.cgi?id=1243847 * https://bugzilla.suse.com/show_bug.cgi?id=1244100 * https://bugzilla.suse.com/show_bug.cgi?id=1244145 * https://bugzilla.suse.com/show_bug.cgi?id=1244172 * https://bugzilla.suse.com/show_bug.cgi?id=1244176 * https://bugzilla.suse.com/show_bug.cgi?id=1244229 * https://bugzilla.suse.com/show_bug.cgi?id=1244234 * https://bugzilla.suse.com/show_bug.cgi?id=1244241 * https://bugzilla.suse.com/show_bug.cgi?id=1244274 * https://bugzilla.suse.com/show_bug.cgi?id=1244275 * https://bugzilla.suse.com/show_bug.cgi?id=1244277 * https://bugzilla.suse.com/show_bug.cgi?id=1244309 * https://bugzilla.suse.com/show_bug.cgi?id=1244313 * https://bugzilla.suse.com/show_bug.cgi?id=1244337 * https://bugzilla.suse.com/show_bug.cgi?id=1244626 * https://bugzilla.suse.com/show_bug.cgi?id=1244725 * https://bugzilla.suse.com/show_bug.cgi?id=1244727 * https://bugzilla.suse.com/show_bug.cgi?id=1244729 * https://bugzilla.suse.com/show_bug.cgi?id=1244731 * https://bugzilla.suse.com/show_bug.cgi?id=1244732 * https://bugzilla.suse.com/show_bug.cgi?id=1244736 * https://bugzilla.suse.com/show_bug.cgi?id=1244737 * https://bugzilla.suse.com/show_bug.cgi?id=1244738 * https://bugzilla.suse.com/show_bug.cgi?id=1244739 * https://bugzilla.suse.com/show_bug.cgi?id=1244743 * https://bugzilla.suse.com/show_bug.cgi?id=1244746 * https://bugzilla.suse.com/show_bug.cgi?id=1244759 * https://bugzilla.suse.com/show_bug.cgi?id=1244789 * https://bugzilla.suse.com/show_bug.cgi?id=1244862 * https://bugzilla.suse.com/show_bug.cgi?id=1244906 * https://bugzilla.suse.com/show_bug.cgi?id=1244938 * https://bugzilla.suse.com/show_bug.cgi?id=1244995 * https://bugzilla.suse.com/show_bug.cgi?id=1244996 * https://bugzilla.suse.com/show_bug.cgi?id=1244999 * https://bugzilla.suse.com/show_bug.cgi?id=1245001 * https://bugzilla.suse.com/show_bug.cgi?id=1245003 * https://bugzilla.suse.com/show_bug.cgi?id=1245004 * https://bugzilla.suse.com/show_bug.cgi?id=1245025 * https://bugzilla.suse.com/show_bug.cgi?id=1245042 * https://bugzilla.suse.com/show_bug.cgi?id=1245046 * https://bugzilla.suse.com/show_bug.cgi?id=1245078 * https://bugzilla.suse.com/show_bug.cgi?id=1245081 * https://bugzilla.suse.com/show_bug.cgi?id=1245082 * https://bugzilla.suse.com/show_bug.cgi?id=1245083 * https://bugzilla.suse.com/show_bug.cgi?id=1245155 * https://bugzilla.suse.com/show_bug.cgi?id=1245183 * https://bugzilla.suse.com/show_bug.cgi?id=1245193 * https://bugzilla.suse.com/show_bug.cgi?id=1245210 * https://bugzilla.suse.com/show_bug.cgi?id=1245217 * https://bugzilla.suse.com/show_bug.cgi?id=1245225 * https://bugzilla.suse.com/show_bug.cgi?id=1245226 * https://bugzilla.suse.com/show_bug.cgi?id=1245228 * https://bugzilla.suse.com/show_bug.cgi?id=1245431 * https://bugzilla.suse.com/show_bug.cgi?id=1245455 * https://jira.suse.com/browse/PED-12551
Attachment: None (type=text/html)
(HTML attachment elided)