SUSE alert SUSE-SU-2026:21241-1 (kernel)
| From: | SLE-SECURITY-UPDATES <null@suse.de> | |
| To: | sle-security-updates@lists.suse.com | |
| Subject: | SUSE-SU-2026:21241-1: important: Security update for the Linux Kernel | |
| Date: | Thu, 23 Apr 2026 16:37:40 -0000 | |
| Message-ID: | <177696226039.2126.10247419134626570944@46b3146b979a> |
# Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:21241-1 Release Date: 2026-04-17T15:22:13Z Rating: important References: * bsc#1226591 * bsc#1245728 * bsc#1249998 * bsc#1251135 * bsc#1251186 * bsc#1251971 * bsc#1252073 * bsc#1252266 * bsc#1253049 * bsc#1253455 * bsc#1254306 * bsc#1255084 * bsc#1256647 * bsc#1256690 * bsc#1256784 * bsc#1257183 * bsc#1257466 * bsc#1257472 * bsc#1257473 * bsc#1257506 * bsc#1257561 * bsc#1257682 * bsc#1257732 * bsc#1257755 * bsc#1257773 * bsc#1257777 * bsc#1257814 * bsc#1257836 * bsc#1257952 * bsc#1258280 * bsc#1258286 * bsc#1258293 * bsc#1258303 * bsc#1258305 * bsc#1258330 * bsc#1258337 * bsc#1258338 * bsc#1258340 * bsc#1258376 * bsc#1258389 * bsc#1258414 * bsc#1258447 * bsc#1258524 * bsc#1258641 * bsc#1258832 * bsc#1258849 * bsc#1259188 * bsc#1259461 * bsc#1259580 * bsc#1259707 * bsc#1259795 * bsc#1259797 * bsc#1259865 * bsc#1259870 * bsc#1259886 * bsc#1259889 * bsc#1259891 * bsc#1259997 * bsc#1259998 * bsc#1260005 * bsc#1260009 * bsc#1260347 * bsc#1260464 * bsc#1260471 * bsc#1260481 * bsc#1260486 * bsc#1260497 * bsc#1260500 * bsc#1260527 * bsc#1260544 * bsc#1260550 * bsc#1260562 * bsc#1260580 * bsc#1260730 * bsc#1260732 * bsc#1260735 * bsc#1260799 * bsc#1261412 * bsc#1261496 * bsc#1261498 * bsc#1261507 * bsc#1261669 Cross-References: * CVE-2024-38542 * CVE-2025-39817 * CVE-2025-39998 * CVE-2025-40201 * CVE-2025-40253 * CVE-2025-68794 * CVE-2025-71125 * CVE-2025-71268 * CVE-2025-71269 * CVE-2026-23030 * CVE-2026-23047 * CVE-2026-23054 * CVE-2026-23069 * CVE-2026-23088 * CVE-2026-23103 * CVE-2026-23120 * CVE-2026-23125 * CVE-2026-23136 * CVE-2026-23140 * CVE-2026-23154 * CVE-2026-23157 * CVE-2026-23169 * CVE-2026-23187 * CVE-2026-23193 * CVE-2026-23201 * CVE-2026-23202 * CVE-2026-23204 * CVE-2026-23207 * CVE-2026-23216 * CVE-2026-23231 * CVE-2026-23242 * CVE-2026-23243 * CVE-2026-23255 * CVE-2026-23262 * CVE-2026-23270 * CVE-2026-23272 * CVE-2026-23274 * CVE-2026-23277 * CVE-2026-23278 * CVE-2026-23281 * CVE-2026-23292 * CVE-2026-23293 * CVE-2026-23304 * CVE-2026-23317 * CVE-2026-23319 * CVE-2026-23335 * CVE-2026-23343 * CVE-2026-23361 * CVE-2026-23379 * CVE-2026-23381 * CVE-2026-23383 * CVE-2026-23386 * CVE-2026-23395 * CVE-2026-23398 * CVE-2026-23412 * CVE-2026-23413 * CVE-2026-23414 * CVE-2026-23419 * CVE-2026-25547 * CVE-2026-26996 * CVE-2026-31788 CVSS scores: * CVE-2024-38542 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38542 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-39817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-39817 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-39998 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-39998 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2025-40201 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-40201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-40253 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68794 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-68794 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2025-71125 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-71125 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-71125 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71268 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71268 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-71269 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-71269 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23030 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23030 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23047 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23047 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23054 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23054 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23069 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23069 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23069 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23088 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23088 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23103 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23103 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23103 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23103 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23120 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23125 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23125 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23125 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23136 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23136 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23136 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23136 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23140 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23140 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23140 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23154 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23154 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23154 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23157 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23157 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23169 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23169 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-23169 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23169 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23187 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23187 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-23187 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23193 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-23193 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23193 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23201 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23201 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23202 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23202 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23207 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23207 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23207 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23216 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23216 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23216 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23231 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23231 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23231 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23231 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23242 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23242 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23242 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23255 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23255 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23262 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23262 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-23270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23270 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23272 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23272 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23272 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23274 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23274 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23277 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23277 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23278 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23278 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23278 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23281 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23281 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23292 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23292 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23293 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23293 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23304 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23304 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23317 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23317 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23317 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23319 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23319 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23335 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23335 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-23343 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23343 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23361 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-23361 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2026-23379 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23381 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23383 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23383 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23386 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23395 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23395 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23395 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23398 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23398 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23412 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23412 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23413 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23413 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23414 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23414 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23419 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-23419 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25547 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-25547 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25547 ( NVD ): 9.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-26996 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-26996 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-26996 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-26996 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31788 ( NVD ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 * SUSE Linux Micro 6.1 * SUSE Linux Micro Extras 6.0 An update that solves 61 vulnerabilities and has 21 fixes can now be installed. ## Security update for the Linux Kernel ### Description: The SUSE Linux Micro (RT) 6.0 and 6.1 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2024-38542: RDMA/mana_ib: boundary check before installing cq callbacks (bsc#1226591). * CVE-2025-39817: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare (bsc#1249998). * CVE-2025-39998: scsi: target: target_core_configfs: Add length check to avoid buffer overflow (bsc#1252073). * CVE-2025-40201: kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths (bsc#1253455). * CVE-2025-40253: s390/ctcm: Fix double-kfree (bsc#1255084). * CVE-2025-68794: iomap: adjust read range correctly for non-block-aligned positions (bsc#1256647). * CVE-2025-71125: tracing: Do not register unsupported perf events (bsc#1256784). * CVE-2025-71268: btrfs: fix reservation leak in some error paths when inserting inline extent (bsc#1259865). * CVE-2025-71269: btrfs: do not free data reservation in fallback from inline due to -ENOSPC (bsc#1259889). * CVE-2026-23030: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() (bsc#1257561). * CVE-2026-23047: libceph: make calc_target() set t->paused, not just clear it (bsc#1257682). * CVE-2026-23069: vsock/virtio: fix potential underflow in virtio_transport_get_credit() (bsc#1257755). * CVE-2026-23088: tracing: Fix crash on synthetic stacktrace field usage (bsc#1257814). * CVE-2026-23103: ipvlan: Make the addrs_lock be per port (bsc#1257773). * CVE-2026-23120: l2tp: avoid one data-race in l2tp_tunnel_del_work() (bsc#1258280). * CVE-2026-23125: sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT (bsc#1258293). * CVE-2026-23136: libceph: reset sparse-read state in osd_fault() (bsc#1258303). * CVE-2026-23140: bpf, test_run: Subtract size of xdp_frame from allowed metadata size (bsc#1258305). * CVE-2026-23154: net: fix segmentation of forwarding fraglist GRO (bsc#1258286). * CVE-2026-23169: mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() (bsc#1258389). * CVE-2026-23187: pmdomain: imx8m-blk-ctrl: fix out-of-range access of bc->domains (bsc#1258330). * CVE-2026-23193: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (bsc#1258414). * CVE-2026-23201: ceph: fix oops due to invalid pointer for kfree() in parse_longname() (bsc#1258337). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1258340). * CVE-2026-23216: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (bsc#1258447). * CVE-2026-23231: netfilter: nf_tables: register hooks last when adding new chain/flowtable (bsc#1259188). * CVE-2026-23242: RDMA/siw: Fix potential NULL pointer dereference in header processing (bsc#1259795). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259797). * CVE-2026-23255: net: add proper RCU protection to /proc/net/ptype (bsc#1259891). * CVE-2026-23262: gve: Fix stats report corruption on queue count change (bsc#1259870). * CVE-2026-23270: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks (bsc#1259886). * CVE-2026-23272: netfilter: nf_tables: unconditionally bump set->nelems before insertion (bsc#1260009). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260005). * CVE-2026-23277: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit (bsc#1259997). * CVE-2026-23278: netfilter: nf_tables: always walk all pending catchall elements (bsc#1259998). * CVE-2026-23281: wifi: libertas: fix use-after-free in lbs_free_adapter() (bsc#1260464). * CVE-2026-23292: scsi: target: Fix recursive locking in __configfs_open_file() (bsc#1260500). * CVE-2026-23293: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260486). * CVE-2026-23304: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() (bsc#1260544). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260562). * CVE-2026-23319: bpf: export bpf_link_inc_not_zero (bsc#1260735). * CVE-2026-23335: RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() (bsc#1260550). * CVE-2026-23343: xdp: produce a warning when calculated tailroom is negative (bsc#1260527). * CVE-2026-23361: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry (bsc#1260732). * CVE-2026-23379: net/sched: ets: fix divide by zero in the offload path (bsc#1260481). * CVE-2026-23381: net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260471). * CVE-2026-23383: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing (bsc#1260497). * CVE-2026-23386: gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL (bsc#1260799). * CVE-2026-23395: Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ (bsc#1260580). * CVE-2026-23398: icmp: fix NULL pointer dereference in icmp_tag_validation() (bsc#1260730). * CVE-2026-23412: netfilter: bpf: defer hook memory release until rcu readers are done (bsc#1261412). * CVE-2026-23413: clsact: Fix use-after-free in init/destroy rollback asymmetry (bsc#1261498). * CVE-2026-23414: tls: Purge async_hold in tls_decrypt_async_wait() (bsc#1261496). * CVE-2026-23419: net/rds: Fix circular locking dependency in rds_tcp_tune (bsc#1261507). * CVE-2026-31788: xen/privcmd: restrict usage in unprivileged domU (bsc#1259707). The following non security issues were fixed: * accel/qaic: Handle DBC deactivation if the owner went away (git-fixes). * ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() (git-fixes). * ACPI: OSI: Add DMI quirk for Acer Aspire One D255 (stable-fixes). * ACPI: OSL: fix __iomem type on return from acpi_os_map_generic_address() (git-fixes). * ACPI: PM: Save NVS memory on Lenovo G70-35 (stable-fixes). * ACPI: processor: Fix previous acpi_processor_errata_piix4() fix (git-fixes). * ALSA: caiaq: fix stack out-of-bounds read in init_card (git-fixes). * ALSA: firewire-lib: fix uninitialized local variable (git-fixes). * ALSA: hda: cs35l56: Fix signedness error in cs35l56_hda_posture_put() (git- fixes). * ALSA: hda/conexant: Add quirk for HP ZBook Studio G4 (stable-fixes). * ALSA: hda/conexant: Fix headphone jack handling on Acer Swift SF314 (stable- fixes). * ALSA: hda/realtek: Add headset jack quirk for Thinkpad X390 (stable-fixes). * ALSA: hda/realtek: add HP Laptop 14s-dr5xxx mute LED quirk (stable-fixes). * ALSA: pci: hda: use snd_kcontrol_chip() (stable-fixes). * ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (git-fixes). * ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces (stable-fixes). * apparmor: fix differential encoding verification (bsc#1258849). * apparmor: Fix double free of ns_name in aa_replace_profiles() (bsc#1258849). * apparmor: fix memory leak in verify_header (bsc#1258849). * apparmor: fix missing bounds check on DEFAULT table in verify_dfa() (bsc#1258849). * apparmor: fix race between freeing data and fs accessing it (bsc#1258849). * apparmor: fix race on rawdata dereference (bsc#1258849). * apparmor: fix side-effect bug in match_char() macro usage (bsc#1258849). * apparmor: fix unprivileged local user can do privileged policy management (bsc#1258849). * apparmor: fix: limit the number of levels of policy namespaces (bsc#1258849). * apparmor: replace recursive profile removal with iterative approach (bsc#1258849). * apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1258849). * ASoC: adau1372: Fix clock leak on PLL lock failure (git-fixes). * ASoC: adau1372: Fix unchecked clk_prepare_enable() return value (git-fixes). * ASoC: amd: acp-mach-common: Add missing error check for clock acquisition (git-fixes). * ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition (git-fixes). * ASoC: amd: yc: Add ASUS EXPERTBOOK BM1503CDA to quirk table (stable-fixes). * ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK PM1503CDA (stable-fixes). * ASoC: detect empty DMI strings (git-fixes). * ASoC: ep93xx: Fix unchecked clk_prepare_enable() and add rollback on failure (git-fixes). * ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_put_bits() (stable-fixes). * ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_set_reg() (stable- fixes). * ASoC: Intel: catpt: Fix the device initialization (git-fixes). * ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start (git-fixes). * ASoC: soc-core: drop delayed_work_pending() check before flush (git-fixes). * ASoC: soc-core: flush delayed work before removing DAIs and widgets (git- fixes). * ASoC: SOF: ipc4-topology: Allow bytes controls without initial payload (git- fixes). * batman-adv: Avoid double-rtnl_lock ELP metric worker (git-fixes). * Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (git-fixes). * Bluetooth: btusb: clamp SCO altsetting table indices (git-fixes). * Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt (git-fixes). * Bluetooth: hci_ll: Fix firmware leak on error path (git-fixes). * Bluetooth: hci_sync: call destroy in hci_cmd_sync_run if immediate (git- fixes). * Bluetooth: hci_sync: Fix hci_le_create_conn_sync (git-fixes). * Bluetooth: hci_sync: Remove remaining dependencies of hci_request (stable- fixes). * Bluetooth: HIDP: Fix possible UAF (git-fixes). * Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop (git- fixes). * Bluetooth: L2CAP: Fix null-ptr-deref on l2cap_sock_ready_cb (git-fixes). * Bluetooth: L2CAP: Fix send LE flow credits in ACL link (git-fixes). * Bluetooth: L2CAP: Fix type confusion in l2cap_ecred_reconf_rsp() (git- fixes). * Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (git-fixes). * Bluetooth: L2CAP: Validate L2CAP_INFO_RSP payload length before access (git- fixes). * Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (git-fixes). * Bluetooth: LE L2CAP: Disconnect if received packet's SDU exceeds IMTU (git- fixes). * Bluetooth: LE L2CAP: Disconnect if sum of payload sizes exceed SDU (git- fixes). * Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete (git-fixes). * Bluetooth: MGMT: validate LTK enc_size on load (git-fixes). * Bluetooth: MGMT: validate mesh send advertising payload length (git-fixes). * Bluetooth: Remove 3 repeated macro definitions (stable-fixes). * Bluetooth: SCO: fix race conditions in sco_sock_connect() (git-fixes). * Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (git-fixes). * Bluetooth: SMP: derive legacy responder STK authentication from MITM state (git-fixes). * Bluetooth: SMP: force responder MITM requirements before building the pairing response (git-fixes). * Bluetooth: SMP: make SM/PER/KDU/BI-04-C happy (git-fixes). * bonding: do not set usable_slaves for broadcast mode (git-fixes). * btrfs: fix zero size inode with non-zero size after log replay (git-fixes). * btrfs: log new dentries when logging parent dir of a conflicting inode (git- fixes). * btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (bsc#1257777). * can: bcm: fix locking for bcm_op runtime updates (git-fixes). * can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message (git-fixes). * can: gw: fix OOB heap access in cgw_csum_crc8_rel() (git-fixes). * can: hi311x: hi3110_open(): add check for hi3110_power_enable() return value (git-fixes). * can: isotp: fix tx.buf use-after-free in isotp_sendmsg() (git-fixes). * can: mcp251x: fix deadlock in error path of mcp251x_open (git-fixes). * can: ucan: Fix infinite loop from zero-length messages (git-fixes). * can: usb: etas_es58x: correctly anchor the urb in the read bulk callback (git-fixes). * comedi: me_daq: Fix potential overrun of firmware buffer (git-fixes). * comedi: me4000: Fix potential overrun of firmware buffer (git-fixes). * comedi: ni_atmio16d: Fix invalid clean-up after failed attach (git-fixes). * comedi: Reinit dev-spinlock between attachments to low-level drivers (git- fixes). * crypto: af-alg - fix NULL pointer dereference in scatterwalk (git-fixes). * crypto: caam - fix DMA corruption on long hmac keys (git-fixes). * crypto: caam - fix overflow on long hmac keys (git-fixes). * dmaengine: idxd: Fix freeing the allocated ida too late (git-fixes). * dmaengine: idxd: Fix leaking event log memory (git-fixes). * dmaengine: idxd: Fix memory leak when a wq is reset (git-fixes). * dmaengine: idxd: Fix not releasing workqueue on .release() (git-fixes). * dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (git-fixes). * dmaengine: idxd: Remove usage of the deprecated ida_simple_xx() API (stable- fixes). * dmaengine: sh: rz-dmac: Move CHCTRL updates under spinlock (git-fixes). * dmaengine: sh: rz-dmac: Protect the driver specific lists (git-fixes). * dmaengine: xilinx: xdma: Fix regmap init error handling (git-fixes). * dmaengine: xilinx: xilinx_dma: Fix dma_device directions (git-fixes). * dmaengine: xilinx: xilinx_dma: Fix residue calculation for cyclic DMA (git- fixes). * dmaengine: xilinx: xilinx_dma: Fix unmasked residue subtraction (git-fixes). * Drivers: hv: fix missing kernel-doc description for 'size' in request_arr_init() (git-fixes). * Drivers: hv: remove stale comment (git-fixes). * Drivers: hv: vmbus: Clean up sscanf format specifier in target_cpu_store() (git-fixes). * Drivers: hv: vmbus: Fix sysfs output format for ring buffer index (git- fixes). * Drivers: hv: vmbus: Fix typos in vmbus_drv.c (git-fixes). * drm/amd: Set num IP blocks to 0 if discovery fails (stable-fixes). * drm/amd/display: Add pixel_clock to amd_pp_display_configuration (stable- fixes). * drm/amd/display: Fix DisplayID not-found handling in parse_edid_displayid_vrr() (git-fixes). * drm/amdgpu: apply state adjust rules to some additional HAINAN vairants (stable-fixes). * drm/amdgpu: Fix fence put before wait in amdgpu_amdkfd_submit_ib (git- fixes). * drm/amdgpu: Fix use-after-free race in VM acquire (stable-fixes). * drm/amdgpu: keep vga memory on MacBooks with switchable graphics (stable- fixes). * drm/amdgpu/gmc9.0: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub2.0: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub2.3: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub3.0: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub3.0.1: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub3.0.2: add bounds checking for cid (stable-fixes). * drm/ast: dp501: Fix initialization of SCU2C (git-fixes). * drm/bridge: ti-sn65dsi83: fix CHA_DSI_CLK_RANGE rounding (git-fixes). * drm/bridge: ti-sn65dsi86: Add support for DisplayPort mode with HPD (stable- fixes). * drm/i915/dp: Use crtc_state->enhanced_framing properly on ivb/hsw CPU eDP (git-fixes). * drm/i915/gmbus: fix spurious timeout on 512-byte burst reads (git-fixes). * drm/i915/gt: Check set_default_submission() before deferencing (git-fixes). * drm/ioc32: stop speculation on the drm_compat_ioctl path (git-fixes). * drm/msm/dsi: Document DSC related pclk_rate and hdisplay calculations (stable-fixes). * drm/msm/dsi: fix hdisplay calculation when programming dsi registers (git- fixes). * drm/msm/dsi: fix pclk rate calculation for bonded dsi (git-fixes). * drm/radeon: apply state adjust rules to some additional HAINAN vairants (stable-fixes). * drm/sched: Fix kernel-doc warning for drm_sched_job_done() (git-fixes). * drm/solomon: Fix page start when updating rectangle in page addressing mode (git-fixes). * firmware: arm_scpi: Fix device_node reference leak in probe path (git- fixes). * gpio: mxc: map Both Edge pad wakeup to Rising Edge (git-fixes). * HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them (stable-fixes). * HID: apple: avoid memory leak in apple_report_fixup() (stable-fixes). * HID: asus: avoid memory leak in asus_report_fixup() (stable-fixes). * HID: magicmouse: avoid memory leak in magicmouse_report_fixup() (stable- fixes). * HID: mcp2221: cancel last I2C command on read error (stable-fixes). * hv/hv_kvp_daemon: Handle IPv4 and Ipv6 combination for keyfile format (git- fixes). * hv/hv_kvp_daemon: Pass NIC name to hv_get_dns_info as well (git-fixes). * hwmon: (adm1177) fix sysfs ABI violation and current unit conversion (git- fixes). * hwmon: (axi-fan-control) Make use of dev_err_probe() (stable-fixes). * hwmon: (axi-fan-control) Use device firmware agnostic API (stable-fixes). * hwmon: (it87) Check the it87_lock() return value (git-fixes). * hwmon: (occ) Fix division by zero in occ_show_power_1() (git-fixes). * hwmon: (occ) Fix missing newline in occ_show_extended() (git-fixes). * hwmon: (peci/cputemp) Fix crit_hyst returning delta instead of absolute temperature (git-fixes). * hwmon: (peci/cputemp) Fix off-by-one in cputemp_is_visible() (git-fixes). * hwmon: (pmbus/isl68137) Add mutex protection for AVS enable sysfs attributes (git-fixes). * hwmon: (pmbus/isl68137) Fix unchecked return value and use sysfs_emit() (git-fixes). * hwmon: (pmbus/q54sj108a2) fix stack overflow in debugfs read (git-fixes). * hwmon: (pxe1610) Check return value of page-select write in probe (git- fixes). * hwmon: (tps53679) Fix device ID comparison and printing in tps53676_identify() (git-fixes). * hwmon: axi-fan: don't use driver_override as IRQ name (git-fixes). * i2c: cp2615: fix serial string NULL-deref at probe (git-fixes). * i2c: cp2615: replace deprecated strncpy with strscpy (stable-fixes). * i2c: fsi: Fix a potential leak in fsi_i2c_probe() (git-fixes). * i2c: pxa: defer reset on Armada 3700 when recovery is used (git-fixes). * idpf: nullify pointers after they are freed (git-fixes). * iio: accel: fix ADXL355 temperature signature value (git-fixes). * iio: adc: ti-adc161s626: fix buffer read on big-endian (git-fixes). * iio: chemical: bme680: Fix measurement wait duration calculation (git- fixes). * iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas() (git- fixes). * iio: chemical: sps30_serial: fix buffer size in sps30_serial_read_meas() (git-fixes). * iio: dac: ad5770r: fix error return in ad5770r_read_raw() (git-fixes). * iio: dac: ds4424: reject -128 RAW value (git-fixes). * iio: frequency: adf4377: Fix duplicated soft reset mask (git-fixes). * iio: gyro: mpu3050-core: fix pm_runtime error handling (git-fixes). * iio: gyro: mpu3050-i2c: fix pm_runtime error handling (git-fixes). * iio: gyro: mpu3050: Fix incorrect free_irq() variable (git-fixes). * iio: gyro: mpu3050: Fix irq resource leak (git-fixes). * iio: gyro: mpu3050: Fix out-of-sequence free_irq() (git-fixes). * iio: gyro: mpu3050: Move iio_device_register() to correct location (git- fixes). * iio: imu: bmi160: Remove potential undefined behavior in bmi160_config_pin() (git-fixes). * iio: imu: bno055: fix BNO055_SCAN_CH_COUNT off by one (git-fixes). * iio: imu: inv_icm42600: fix odr switch to the same value (git-fixes). * iio: imu: st_lsm6dsx: Set FIFO ODR for accelerometer and gyroscope only (git-fixes). * iio: light: vcnl4035: fix scan buffer on big-endian (git-fixes). * iio: potentiometer: mcp4131: fix double application of wiper shift (git- fixes). * Input: synaptics-rmi4 - fix a locking bug in an error path (git-fixes). * KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE (bsc#1259461). * media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (git- fixes). * media: tegra-video: Use accessors for pad config 'try_*' fields (stable- fixes). * mfd: omap-usb-host: Convert to platform remove callback returning void (stable-fixes). * mfd: omap-usb-host: Fix OF populate on driver rebind (git-fixes). * mfd: qcom-pm8xxx: Convert to platform remove callback returning void (stable-fixes). * mfd: qcom-pm8xxx: Fix OF populate on driver rebind (git-fixes). * misc: fastrpc: possible double-free of cctx->remote_heap (git-fixes). * mmc: sdhci-pci-gli: fix GL9750 DMA write corruption (git-fixes). * mmc: sdhci: fix timing selection for 1-bit bus width (git-fixes). * mtd: Avoid boot crash in RedBoot partition table parser (git-fixes). * mtd: rawnand: brcmnand: skip DMA during panic write (git-fixes). * mtd: rawnand: cadence: Fix error check for dma_alloc_coherent() in cadence_nand_init() (git-fixes). * mtd: rawnand: pl353: make sure optimal timings are applied (git-fixes). * mtd: rawnand: serialize lock/unlock against other NAND operations (git- fixes). * mtd: spi-nor: core: avoid odd length/address reads on 8D-8D-8D mode (stable- fixes). * mtd: spi-nor: core: avoid odd length/address writes in 8D-8D-8D mode (stable-fixes). * net: mana: Add metadata support for xdp mode (git-fixes). * net: mana: Add standard counter rx_missed_errors (git-fixes). * net: mana: Add support for auxiliary device servicing events (bsc#1251971). * net: mana: Change the function signature of mana_get_primary_netdev_rcu (bsc#1256690). * net: mana: Drop TX skb on post_work_request failure and unmap resources (git-fixes). * net: mana: Fix double destroy_workqueue on service rescan PCI path (git- fixes). * net: mana: fix spelling for mana_gd_deregiser_irq() (git-fixes). * net: mana: fix use-after-free in add_adev() error path (git-fixes). * net: mana: Fix use-after-free in reset service rescan path (git-fixes). * net: mana: Fix warnings for missing export.h header inclusion (git-fixes). * net: mana: Handle hardware recovery events when probing the device (bsc#1257466). * net: mana: Handle Reset Request from MANA NIC (bsc#1245728 bsc#1251971). * net: mana: Handle SKB if TX SGEs exceed hardware limit (git-fixes). * net: mana: Handle unsupported HWC commands (git-fixes). * net: mana: Implement ndo_tx_timeout and serialize queue resets per port (bsc#1257472). * net: mana: Move hardware counter stats from per-port to per-VF context (git- fixes). * net: mana: Probe rdma device in mana driver (git-fixes). * net: mana: Reduce waiting time if HWC not responding (bsc#1252266). * net: mana: Ring doorbell at 4 CQ wraparounds (git-fixes). * net: mana: Support HW link state events (bsc#1253049). * net: mana: Trigger VF reset/recovery on health check failure due to HWC timeout (bsc#1259580). * net: mana: use ethtool string helpers (git-fixes). * net: mana: Use mana_cleanup_port_context() for rxq cleanup (git-fixes). * net: nfc: nci: Fix zero-length proprietary notifications (git-fixes). * net: usb: aqc111: Do not perform PM inside suspend callback (git-fixes). * net: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check (git-fixes). * net: usb: cdc_ncm: add ndpoffset to NDP32 nframes bounds check (git-fixes). * net: usb: lan78xx: fix silent drop of packets with checksum errors (git- fixes). * net: usb: lan78xx: fix TX byte statistics for small packets (git-fixes). * net: usb: pegasus: validate USB endpoints (stable-fixes). * net/mana: Null service_wq on setup error to prevent double destroy (git- fix). * net/mlx5: Fix crash when moving to switchdev mode (git-fixes). * net/rose: fix NULL pointer dereference in rose_transmit_link on reconnect (git-fixes). * net/x25: Fix overflow when accumulating packets (git-fixes). * net/x25: Fix potential double free of skb (git-fixes). * nfc: nci: clear NCI_DATA_EXCHANGE before calling completion callback (git- fixes). * nfc: nci: fix circular locking dependency in nci_close_device (git-fixes). * nfc: nci: free skb on nci_transceive early error paths (git-fixes). * NFC: nxp-nci: allow GPIOs to sleep (git-fixes). * NFC: pn533: bound the UART receive buffer (git-fixes). * nfc: rawsock: cancel tx_work before socket teardown (git-fixes). * nouveau/dpcd: return EBUSY for aux xfer if the device is asleep (git-fixes). * PCI: hv: Correct a comment (git-fixes). * PCI: hv: Remove unnecessary flex array in struct pci_packet (git-fixes). * PCI: hv: remove unnecessary module_init/exit functions (git-fixes). * PCI: hv: Remove unused field pci_bus in struct hv_pcibus_device (git-fixes). * PCI: Update BAR # and window messages (stable-fixes). * phy: ti: j721e-wiz: Fix device node reference leak in wiz_get_lane_phy_types() (git-fixes). * pinctrl: equilibrium: fix warning trace on load (git-fixes). * pinctrl: equilibrium: rename irq_chip function callbacks (stable-fixes). * pinctrl: mediatek: common: Fix probe failure for devices without EINT (git- fixes). * pinctrl: qcom: spmi-gpio: implement .get_direction() (git-fixes). * platform/olpc: olpc-xo175-ec: Fix overflow error message to print inlen (git-fixes). * platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data (git- fixes). * platform/x86: dell-wmi: Add audio/mic mute key codes (stable-fixes). * platform/x86: intel-hid: Add Dell 14 Plus 2-in-1 to dmi_vgbs_allow_list (stable-fixes). * platform/x86: intel-hid: Enable 5-button array on ThinkPad X1 Fold 16 Gen 1 (stable-fixes). * platform/x86: ISST: Correct locked bit width (git-fixes). * platform/x86: touchscreen_dmi: Add quirk for y-inverted Goodix touchscreen on SUPI S10 (stable-fixes). * PM: runtime: Fix a race condition related to device removal (git-fixes). * qmi_wwan: allow max_mtu above hard_mtu to control rx_urb_size (git-fixes). * RDMA/mana_ib: Access remote atomic for MRs (bsc#1251135). * RDMA/mana_ib: add additional port counters (bsc#1251135). * RDMA/mana_ib: Add device statistics support (git-fixes). * RDMA/mana_ib: Add device-memory support (git-fixes). * RDMA/mana_ib: Add EQ creation for rnic adapter (git-fixes). * RDMA/mana_ib: Add port statistics support (git-fixes). * RDMA/mana_ib: Add support of 4M, 1G, and 2G pages (git-fixes). * RDMA/mana_ib: Add support of mana_ib for RNIC and ETH nic (git-fixes). * RDMA/mana_ib: add support of multiple ports (bsc#1251135). * RDMA/mana_ib: Adding and deleting GIDs (git-fixes). * RDMA/mana_ib: Allow registration of DMA-mapped memory in PDs (git-fixes). * RDMA/mana_ib: check cqe length for kernel CQs (git-fixes). * RDMA/mana_ib: Configure mac address in RNIC (git-fixes). * RDMA/mana_ib: Create and destroy RC QP (git-fixes). * RDMA/mana_ib: Create and destroy rnic adapter (git-fixes). * RDMA/mana_ib: create and destroy RNIC cqs (git-fixes). * RDMA/mana_ib: Create and destroy UD/GSI QP (git-fixes). * RDMA/mana_ib: create EQs for RNIC CQs (git-fixes). * RDMA/mana_ib: create kernel-level CQs (git-fixes). * RDMA/mana_ib: create/destroy AH (git-fixes). * RDMA/mana_ib: Drain send wrs of GSI QP (git-fixes). * RDMA/mana_ib: Enable RoCE on port 1 (git-fixes). * RDMA/mana_ib: extend mana QP table (git-fixes). * RDMA/mana_ib: Extend modify QP (git-fixes). * RDMA/mana_ib: extend query device (git-fixes). * RDMA/mana_ib: Fix DSCP value in modify QP (git-fixes). * RDMA/mana_ib: Fix error code in probe() (git-fixes). * RDMA/mana_ib: Fix integer overflow during queue creation (bsc#1251135). * RDMA/mana_ib: Fix missing ret value (git-fixes). * RDMA/mana_ib: Handle net event for pointing to the current netdev (bsc#1256690). * RDMA/mana_ib: helpers to allocate kernel queues (git-fixes). * RDMA/mana_ib: Implement DMABUF MR support (git-fixes). * RDMA/mana_ib: implement get_dma_mr (git-fixes). * RDMA/mana_ib: Implement port parameters (git-fixes). * RDMA/mana_ib: implement req_notify_cq (git-fixes). * RDMA/mana_ib: implement uapi for creation of rnic cq (git-fixes). * RDMA/mana_ib: Implement uapi to create and destroy RC QP (git-fixes). * RDMA/mana_ib: indicate CM support (git-fixes). * RDMA/mana_ib: introduce a helper to remove cq callbacks (git-fixes). * RDMA/mana_ib: Introduce helpers to create and destroy mana queues (git- fixes). * RDMA/mana_ib: Introduce mana_ib_get_netdev helper function (git-fixes). * RDMA/mana_ib: Introduce mana_ib_install_cq_cb helper function (git-fixes). * RDMA/mana_ib: Introduce mdev_to_gc helper function (git-fixes). * RDMA/mana_ib: Modify QP state (git-fixes). * RDMA/mana_ib: polling of CQs for GSI/UD (git-fixes). * RDMA/mana_ib: Process QP error events in mana_ib (git-fixes). * RDMA/mana_ib: Query feature_flags bitmask from FW (git-fixes). * RDMA/mana_ib: remove useless return values from dbg prints (git-fixes). * RDMA/mana_ib: request error CQEs when supported (git-fixes). * RDMA/mana_ib: Set correct device into ib (git-fixes). * RDMA/mana_ib: set node_guid (git-fixes). * RDMA/mana_ib: support of the zero based MRs (bsc#1251135). * RDMA/mana_ib: Take CQ type from the device type (git-fixes). * RDMA/mana_ib: UD/GSI QP creation for kernel (git-fixes). * RDMA/mana_ib: UD/GSI work requests (git-fixes). * RDMA/mana_ib: unify mana_ib functions to support any gdma device (git- fixes). * RDMA/mana_ib: Use num_comp_vectors of ib_device (git-fixes). * RDMA/mana_ib: Use safer allocation function() (bsc#1251135). * RDMA/mana_ib: Use struct mana_ib_queue for CQs (git-fixes). * RDMA/mana_ib: Use struct mana_ib_queue for RAW QPs (git-fixes). * RDMA/mana_ib: Use struct mana_ib_queue for WQs (git-fixes). * regmap: Synchronize cache for the page selector (git-fixes). * regulator: pca9450: Correct interrupt type (git-fixes). * regulator: pca9450: Make IRQ optional (stable-fixes). * remoteproc: sysmon: Correct subsys_name_len type in QMI request (git-fixes). * s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP (bsc#1254306). * scsi: mpi3mr: Event processing debug improvement (bsc#1251186 bsc#1258832). * scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT (git-fixes). * scsi: storvsc: Remove redundant ternary operators (git-fixes). * selftests/powerpc: make sub-folders buildable on their own (bsc#1261669 ltc#212590). * selftests/powerpc: Re-order *FLAGS to follow lib.mk (bsc#1261669 ltc#212590). * selftests/powerpc: Suppress -Wmaybe-uninitialized with GCC 15 (bsc#1261669 ltc#212590). * serial: 8250_pci: add support for the AX99100 (stable-fixes). * serial: 8250: Add late synchronize_irq() to shutdown to handle DW UART BUSY (git-fixes). * serial: 8250: Fix TX deadlock when using DMA (git-fixes). * serial: uartlite: fix PM runtime usage count underflow on probe (git-fixes). * soc: aspeed: socinfo: Mask table entries for accurate SoC ID matching (git- fixes). * soc: fsl: qbman: fix race condition in qman_destroy_fq (git-fixes). * spi: fix statistics allocation (git-fixes). * spi: fix use-after-free on controller registration failure (git-fixes). * spi: spi-fsl-lpspi: fix teardown order issue (UAF) (git-fixes). * staging: rtl8723bs: properly validate the data in rtw_get_ie_ex() (stable- fixes). * tg3: Fix race for querying speed/duplex (bsc#1257183). * thunderbolt: Fix property read in nhi_wake_supported() (git-fixes). * tools: hv: Enable debug logs for hv_kvp_daemon (git-fixes). * tools: hv: lsvmbus: change shebang to use python3 (git-fixes). * tools/hv: add a .gitignore file (git-fixes). * tools/hv: reduce resouce usage in hv_get_dns_info helper (git-fixes). * tools/hv: reduce resource usage in hv_kvp_daemon (git-fixes). * usb: cdc-acm: Restore CAP_BRK functionnality to CH343 (git-fixes). * usb: cdns3: call cdns_power_is_lost() only once in cdns_resume() (stable- fixes). * usb: cdns3: fix role switching during resume (git-fixes). * usb: cdns3: gadget: fix NULL pointer dereference in ep_queue (git-fixes). * usb: cdns3: gadget: fix state inconsistency on gadget init failure (git- fixes). * usb: cdns3: remove redundant if branch (stable-fixes). * usb: class: cdc-wdm: fix reordering issue in read code path (git-fixes). * usb: core: don't power off roothub PHYs if phy_set_mode() fails (git-fixes). * USB: core: Limit the length of unkillable synchronous timeouts (git-fixes). * USB: dummy-hcd: Fix interrupt synchronization error (git-fixes). * USB: dummy-hcd: Fix locking/synchronization error (git-fixes). * usb: dwc2: gadget: Fix spin_lock/unlock mismatch in dwc2_hsotg_udc_stop() (git-fixes). * usb: dwc3: pci: add support for the Intel Nova Lake -H (stable-fixes). * usb: ehci-brcm: fix sleep during atomic (git-fixes). * USB: ezcap401 needs USB_QUIRK_NO_BOS to function on 10gbs usb speed (stable- fixes). * usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks() (git-fixes). * usb: gadget: f_rndis: Protect RNDIS options with mutex (git-fixes). * usb: gadget: f_subset: Fix unbalanced refcnt in geth_free (git-fixes). * usb: gadget: u_ether: Fix race between gether_disconnect and eth_stop (git- fixes). * usb: gadget: uvc: fix NULL pointer dereference during unbind race (git- fixes). * usb: image: mdc800: kill download URB on timeout (stable-fixes). * usb: mdc800: handle signal and read racing (stable-fixes). * usb: misc: uss720: properly clean up reference in uss720_probe() (stable- fixes). * usb: renesas_usbhs: fix use-after-free in ISR during device removal (git- fixes). * usb: roles: get usb role switch from parent only for usb-b-connector (git- fixes). * USB: serial: f81232: fix incomplete serial port generation (stable-fixes). * usb: ulpi: fix double free in ulpi_register_interface() error path (git- fixes). * USB: usbcore: Introduce usb_bulk_msg_killable() (git-fixes). * usb: usbtmc: Flush anchored URBs in usbtmc_release (git-fixes). * USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts (git- fixes). * usb: xhci: Fix memory leak in xhci_disable_slot() (git-fixes). * usb: xhci: Prevent interrupt storm on host controller error (HCE) (stable- fixes). * usb: yurex: fix race in probe (stable-fixes). * usb/core/quirks: Add Huawei ME906S-device to wakeup quirk (stable-fixes). * wifi: cfg80211: cancel pmsr_free_wk in cfg80211_pmsr_wdev_down (git-fixes). * wifi: cw1200: Fix locking in error paths (git-fixes). * wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl_mvm_nd_match_info_handler() (git-fixes). * wifi: mac80211: fix NULL deref in mesh_matches_local() (git-fixes). * wifi: mac80211: Fix static_branch_dec() underflow for aql_disable (git- fixes). * wifi: mac80211: set default WMM parameters on all links (stable-fixes). * wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211() (git-fixes). * wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211() (git-fixes). * wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211() (git-fixes). * wifi: rsi: Don't default to -EOPNOTSUPP in rsi_mac80211_config (git-fixes). * wifi: wilc1000: fix u8 overflow in SSID scan buffer size calculation (git- fixes). * wifi: wlcore: Fix a locking bug (git-fixes). * wifi: wlcore: Return -ENOMEM instead of -EAGAIN if there is not enough headroom (git-fixes). * x86/platform/uv: Handle deconfigured sockets (bsc#1260347). * xen/privcmd: unregister xenstore notifier on module exit (git-fixes). ## Security update for cockpit ### Description: This update for cockpit fixes the following issues: * CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive resource consumption and crash a Node.js process (bsc#1257836). * CVE-2026-26996: minimatch: processing of glob pattern containing repeated wildcards followed by a literal character that doesn't appear in the test string can lead to ReDoS (bsc#1258641). ## Security update for the Linux Kernel ### Description: The SUSE Linux Micro (RT) 6.0 and 6.1 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2024-38542: RDMA/mana_ib: boundary check before installing cq callbacks (bsc#1226591). * CVE-2025-39817: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare (bsc#1249998). * CVE-2025-39998: scsi: target: target_core_configfs: Add length check to avoid buffer overflow (bsc#1252073). * CVE-2025-40201: kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths (bsc#1253455). * CVE-2025-40253: s390/ctcm: Fix double-kfree (bsc#1255084). * CVE-2025-68794: iomap: adjust read range correctly for non-block-aligned positions (bsc#1256647). * CVE-2025-71125: tracing: Do not register unsupported perf events (bsc#1256784). * CVE-2025-71268: btrfs: fix reservation leak in some error paths when inserting inline extent (bsc#1259865). * CVE-2025-71269: btrfs: do not free data reservation in fallback from inline due to -ENOSPC (bsc#1259889). * CVE-2026-23030: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() (bsc#1257561). * CVE-2026-23047: libceph: make calc_target() set t->paused, not just clear it (bsc#1257682). * CVE-2026-23069: vsock/virtio: fix potential underflow in virtio_transport_get_credit() (bsc#1257755). * CVE-2026-23088: tracing: Fix crash on synthetic stacktrace field usage (bsc#1257814). * CVE-2026-23103: ipvlan: Make the addrs_lock be per port (bsc#1257773). * CVE-2026-23120: l2tp: avoid one data-race in l2tp_tunnel_del_work() (bsc#1258280). * CVE-2026-23125: sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT (bsc#1258293). * CVE-2026-23136: libceph: reset sparse-read state in osd_fault() (bsc#1258303). * CVE-2026-23140: bpf, test_run: Subtract size of xdp_frame from allowed metadata size (bsc#1258305). * CVE-2026-23154: net: fix segmentation of forwarding fraglist GRO (bsc#1258286). * CVE-2026-23169: mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() (bsc#1258389). * CVE-2026-23187: pmdomain: imx8m-blk-ctrl: fix out-of-range access of bc->domains (bsc#1258330). * CVE-2026-23193: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (bsc#1258414). * CVE-2026-23201: ceph: fix oops due to invalid pointer for kfree() in parse_longname() (bsc#1258337). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1258340). * CVE-2026-23216: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (bsc#1258447). * CVE-2026-23231: netfilter: nf_tables: register hooks last when adding new chain/flowtable (bsc#1259188). * CVE-2026-23242: RDMA/siw: Fix potential NULL pointer dereference in header processing (bsc#1259795). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259797). * CVE-2026-23255: net: add proper RCU protection to /proc/net/ptype (bsc#1259891). * CVE-2026-23262: gve: Fix stats report corruption on queue count change (bsc#1259870). * CVE-2026-23270: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks (bsc#1259886). * CVE-2026-23272: netfilter: nf_tables: unconditionally bump set->nelems before insertion (bsc#1260009). * CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260005). * CVE-2026-23277: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit (bsc#1259997). * CVE-2026-23278: netfilter: nf_tables: always walk all pending catchall elements (bsc#1259998). * CVE-2026-23281: wifi: libertas: fix use-after-free in lbs_free_adapter() (bsc#1260464). * CVE-2026-23292: scsi: target: Fix recursive locking in __configfs_open_file() (bsc#1260500). * CVE-2026-23293: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260486). * CVE-2026-23304: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() (bsc#1260544). * CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260562). * CVE-2026-23319: bpf: export bpf_link_inc_not_zero (bsc#1260735). * CVE-2026-23335: RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() (bsc#1260550). * CVE-2026-23343: xdp: produce a warning when calculated tailroom is negative (bsc#1260527). * CVE-2026-23361: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry (bsc#1260732). * CVE-2026-23379: net/sched: ets: fix divide by zero in the offload path (bsc#1260481). * CVE-2026-23381: net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260471). * CVE-2026-23383: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing (bsc#1260497). * CVE-2026-23386: gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL (bsc#1260799). * CVE-2026-23395: Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ (bsc#1260580). * CVE-2026-23398: icmp: fix NULL pointer dereference in icmp_tag_validation() (bsc#1260730). * CVE-2026-23412: netfilter: bpf: defer hook memory release until rcu readers are done (bsc#1261412). * CVE-2026-23413: clsact: Fix use-after-free in init/destroy rollback asymmetry (bsc#1261498). * CVE-2026-23414: tls: Purge async_hold in tls_decrypt_async_wait() (bsc#1261496). * CVE-2026-23419: net/rds: Fix circular locking dependency in rds_tcp_tune (bsc#1261507). * CVE-2026-31788: xen/privcmd: restrict usage in unprivileged domU (bsc#1259707). The following non security issues were fixed: * accel/qaic: Handle DBC deactivation if the owner went away (git-fixes). * ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() (git-fixes). * ACPI: OSI: Add DMI quirk for Acer Aspire One D255 (stable-fixes). * ACPI: OSL: fix __iomem type on return from acpi_os_map_generic_address() (git-fixes). * ACPI: PM: Save NVS memory on Lenovo G70-35 (stable-fixes). * ACPI: processor: Fix previous acpi_processor_errata_piix4() fix (git-fixes). * ALSA: caiaq: fix stack out-of-bounds read in init_card (git-fixes). * ALSA: firewire-lib: fix uninitialized local variable (git-fixes). * ALSA: hda: cs35l56: Fix signedness error in cs35l56_hda_posture_put() (git- fixes). * ALSA: hda/conexant: Add quirk for HP ZBook Studio G4 (stable-fixes). * ALSA: hda/conexant: Fix headphone jack handling on Acer Swift SF314 (stable- fixes). * ALSA: hda/realtek: Add headset jack quirk for Thinkpad X390 (stable-fixes). * ALSA: hda/realtek: add HP Laptop 14s-dr5xxx mute LED quirk (stable-fixes). * ALSA: pci: hda: use snd_kcontrol_chip() (stable-fixes). * ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (git-fixes). * ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces (stable-fixes). * apparmor: fix differential encoding verification (bsc#1258849). * apparmor: Fix double free of ns_name in aa_replace_profiles() (bsc#1258849). * apparmor: fix memory leak in verify_header (bsc#1258849). * apparmor: fix missing bounds check on DEFAULT table in verify_dfa() (bsc#1258849). * apparmor: fix race between freeing data and fs accessing it (bsc#1258849). * apparmor: fix race on rawdata dereference (bsc#1258849). * apparmor: fix side-effect bug in match_char() macro usage (bsc#1258849). * apparmor: fix unprivileged local user can do privileged policy management (bsc#1258849). * apparmor: fix: limit the number of levels of policy namespaces (bsc#1258849). * apparmor: replace recursive profile removal with iterative approach (bsc#1258849). * apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1258849). * ASoC: adau1372: Fix clock leak on PLL lock failure (git-fixes). * ASoC: adau1372: Fix unchecked clk_prepare_enable() return value (git-fixes). * ASoC: amd: acp-mach-common: Add missing error check for clock acquisition (git-fixes). * ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition (git-fixes). * ASoC: amd: yc: Add ASUS EXPERTBOOK BM1503CDA to quirk table (stable-fixes). * ASoC: amd: yc: Add DMI quirk for ASUS EXPERTBOOK PM1503CDA (stable-fixes). * ASoC: detect empty DMI strings (git-fixes). * ASoC: ep93xx: Fix unchecked clk_prepare_enable() and add rollback on failure (git-fixes). * ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_put_bits() (stable-fixes). * ASoC: fsl_easrc: Fix event generation in fsl_easrc_iec958_set_reg() (stable- fixes). * ASoC: Intel: catpt: Fix the device initialization (git-fixes). * ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start (git-fixes). * ASoC: soc-core: drop delayed_work_pending() check before flush (git-fixes). * ASoC: soc-core: flush delayed work before removing DAIs and widgets (git- fixes). * ASoC: SOF: ipc4-topology: Allow bytes controls without initial payload (git- fixes). * batman-adv: Avoid double-rtnl_lock ELP metric worker (git-fixes). * Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (git-fixes). * Bluetooth: btusb: clamp SCO altsetting table indices (git-fixes). * Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt (git-fixes). * Bluetooth: hci_ll: Fix firmware leak on error path (git-fixes). * Bluetooth: hci_sync: call destroy in hci_cmd_sync_run if immediate (git- fixes). * Bluetooth: hci_sync: Fix hci_le_create_conn_sync (git-fixes). * Bluetooth: hci_sync: Remove remaining dependencies of hci_request (stable- fixes). * Bluetooth: HIDP: Fix possible UAF (git-fixes). * Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop (git- fixes). * Bluetooth: L2CAP: Fix null-ptr-deref on l2cap_sock_ready_cb (git-fixes). * Bluetooth: L2CAP: Fix send LE flow credits in ACL link (git-fixes). * Bluetooth: L2CAP: Fix type confusion in l2cap_ecred_reconf_rsp() (git- fixes). * Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user (git-fixes). * Bluetooth: L2CAP: Validate L2CAP_INFO_RSP payload length before access (git- fixes). * Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() (git-fixes). * Bluetooth: LE L2CAP: Disconnect if received packet's SDU exceeds IMTU (git- fixes). * Bluetooth: LE L2CAP: Disconnect if sum of payload sizes exceed SDU (git- fixes). * Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete (git-fixes). * Bluetooth: MGMT: validate LTK enc_size on load (git-fixes). * Bluetooth: MGMT: validate mesh send advertising payload length (git-fixes). * Bluetooth: Remove 3 repeated macro definitions (stable-fixes). * Bluetooth: SCO: fix race conditions in sco_sock_connect() (git-fixes). * Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (git-fixes). * Bluetooth: SMP: derive legacy responder STK authentication from MITM state (git-fixes). * Bluetooth: SMP: force responder MITM requirements before building the pairing response (git-fixes). * Bluetooth: SMP: make SM/PER/KDU/BI-04-C happy (git-fixes). * bonding: do not set usable_slaves for broadcast mode (git-fixes). * btrfs: fix zero size inode with non-zero size after log replay (git-fixes). * btrfs: log new dentries when logging parent dir of a conflicting inode (git- fixes). * btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (bsc#1257777). * can: bcm: fix locking for bcm_op runtime updates (git-fixes). * can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message (git-fixes). * can: gw: fix OOB heap access in cgw_csum_crc8_rel() (git-fixes). * can: hi311x: hi3110_open(): add check for hi3110_power_enable() return value (git-fixes). * can: isotp: fix tx.buf use-after-free in isotp_sendmsg() (git-fixes). * can: mcp251x: fix deadlock in error path of mcp251x_open (git-fixes). * can: ucan: Fix infinite loop from zero-length messages (git-fixes). * can: usb: etas_es58x: correctly anchor the urb in the read bulk callback (git-fixes). * comedi: me_daq: Fix potential overrun of firmware buffer (git-fixes). * comedi: me4000: Fix potential overrun of firmware buffer (git-fixes). * comedi: ni_atmio16d: Fix invalid clean-up after failed attach (git-fixes). * comedi: Reinit dev-spinlock between attachments to low-level drivers (git- fixes). * crypto: af-alg - fix NULL pointer dereference in scatterwalk (git-fixes). * crypto: caam - fix DMA corruption on long hmac keys (git-fixes). * crypto: caam - fix overflow on long hmac keys (git-fixes). * dmaengine: idxd: Fix freeing the allocated ida too late (git-fixes). * dmaengine: idxd: Fix leaking event log memory (git-fixes). * dmaengine: idxd: Fix memory leak when a wq is reset (git-fixes). * dmaengine: idxd: Fix not releasing workqueue on .release() (git-fixes). * dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() (git-fixes). * dmaengine: idxd: Remove usage of the deprecated ida_simple_xx() API (stable- fixes). * dmaengine: sh: rz-dmac: Move CHCTRL updates under spinlock (git-fixes). * dmaengine: sh: rz-dmac: Protect the driver specific lists (git-fixes). * dmaengine: xilinx: xdma: Fix regmap init error handling (git-fixes). * dmaengine: xilinx: xilinx_dma: Fix dma_device directions (git-fixes). * dmaengine: xilinx: xilinx_dma: Fix residue calculation for cyclic DMA (git- fixes). * dmaengine: xilinx: xilinx_dma: Fix unmasked residue subtraction (git-fixes). * Drivers: hv: fix missing kernel-doc description for 'size' in request_arr_init() (git-fixes). * Drivers: hv: remove stale comment (git-fixes). * Drivers: hv: vmbus: Clean up sscanf format specifier in target_cpu_store() (git-fixes). * Drivers: hv: vmbus: Fix sysfs output format for ring buffer index (git- fixes). * Drivers: hv: vmbus: Fix typos in vmbus_drv.c (git-fixes). * drm/amd: Set num IP blocks to 0 if discovery fails (stable-fixes). * drm/amd/display: Add pixel_clock to amd_pp_display_configuration (stable- fixes). * drm/amd/display: Fix DisplayID not-found handling in parse_edid_displayid_vrr() (git-fixes). * drm/amdgpu: apply state adjust rules to some additional HAINAN vairants (stable-fixes). * drm/amdgpu: Fix fence put before wait in amdgpu_amdkfd_submit_ib (git- fixes). * drm/amdgpu: Fix use-after-free race in VM acquire (stable-fixes). * drm/amdgpu: keep vga memory on MacBooks with switchable graphics (stable- fixes). * drm/amdgpu/gmc9.0: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub2.0: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub2.3: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub3.0: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub3.0.1: add bounds checking for cid (stable-fixes). * drm/amdgpu/mmhub3.0.2: add bounds checking for cid (stable-fixes). * drm/ast: dp501: Fix initialization of SCU2C (git-fixes). * drm/bridge: ti-sn65dsi83: fix CHA_DSI_CLK_RANGE rounding (git-fixes). * drm/bridge: ti-sn65dsi86: Add support for DisplayPort mode with HPD (stable- fixes). * drm/i915/dp: Use crtc_state->enhanced_framing properly on ivb/hsw CPU eDP (git-fixes). * drm/i915/gmbus: fix spurious timeout on 512-byte burst reads (git-fixes). * drm/i915/gt: Check set_default_submission() before deferencing (git-fixes). * drm/ioc32: stop speculation on the drm_compat_ioctl path (git-fixes). * drm/msm/dsi: Document DSC related pclk_rate and hdisplay calculations (stable-fixes). * drm/msm/dsi: fix hdisplay calculation when programming dsi registers (git- fixes). * drm/msm/dsi: fix pclk rate calculation for bonded dsi (git-fixes). * drm/radeon: apply state adjust rules to some additional HAINAN vairants (stable-fixes). * drm/sched: Fix kernel-doc warning for drm_sched_job_done() (git-fixes). * drm/solomon: Fix page start when updating rectangle in page addressing mode (git-fixes). * firmware: arm_scpi: Fix device_node reference leak in probe path (git- fixes). * gpio: mxc: map Both Edge pad wakeup to Rising Edge (git-fixes). * HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them (stable-fixes). * HID: apple: avoid memory leak in apple_report_fixup() (stable-fixes). * HID: asus: avoid memory leak in asus_report_fixup() (stable-fixes). * HID: magicmouse: avoid memory leak in magicmouse_report_fixup() (stable- fixes). * HID: mcp2221: cancel last I2C command on read error (stable-fixes). * hv/hv_kvp_daemon: Handle IPv4 and Ipv6 combination for keyfile format (git- fixes). * hv/hv_kvp_daemon: Pass NIC name to hv_get_dns_info as well (git-fixes). * hwmon: (adm1177) fix sysfs ABI violation and current unit conversion (git- fixes). * hwmon: (axi-fan-control) Make use of dev_err_probe() (stable-fixes). * hwmon: (axi-fan-control) Use device firmware agnostic API (stable-fixes). * hwmon: (it87) Check the it87_lock() return value (git-fixes). * hwmon: (occ) Fix division by zero in occ_show_power_1() (git-fixes). * hwmon: (occ) Fix missing newline in occ_show_extended() (git-fixes). * hwmon: (peci/cputemp) Fix crit_hyst returning delta instead of absolute temperature (git-fixes). * hwmon: (peci/cputemp) Fix off-by-one in cputemp_is_visible() (git-fixes). * hwmon: (pmbus/isl68137) Add mutex protection for AVS enable sysfs attributes (git-fixes). * hwmon: (pmbus/isl68137) Fix unchecked return value and use sysfs_emit() (git-fixes). * hwmon: (pmbus/q54sj108a2) fix stack overflow in debugfs read (git-fixes). * hwmon: (pxe1610) Check return value of page-select write in probe (git- fixes). * hwmon: (tps53679) Fix device ID comparison and printing in tps53676_identify() (git-fixes). * hwmon: axi-fan: don't use driver_override as IRQ name (git-fixes). * i2c: cp2615: fix serial string NULL-deref at probe (git-fixes). * i2c: cp2615: replace deprecated strncpy with strscpy (stable-fixes). * i2c: fsi: Fix a potential leak in fsi_i2c_probe() (git-fixes). * i2c: pxa: defer reset on Armada 3700 when recovery is used (git-fixes). * idpf: nullify pointers after they are freed (git-fixes). * iio: accel: fix ADXL355 temperature signature value (git-fixes). * iio: adc: ti-adc161s626: fix buffer read on big-endian (git-fixes). * iio: chemical: bme680: Fix measurement wait duration calculation (git- fixes). * iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas() (git- fixes). * iio: chemical: sps30_serial: fix buffer size in sps30_serial_read_meas() (git-fixes). * iio: dac: ad5770r: fix error return in ad5770r_read_raw() (git-fixes). * iio: dac: ds4424: reject -128 RAW value (git-fixes). * iio: frequency: adf4377: Fix duplicated soft reset mask (git-fixes). * iio: gyro: mpu3050-core: fix pm_runtime error handling (git-fixes). * iio: gyro: mpu3050-i2c: fix pm_runtime error handling (git-fixes). * iio: gyro: mpu3050: Fix incorrect free_irq() variable (git-fixes). * iio: gyro: mpu3050: Fix irq resource leak (git-fixes). * iio: gyro: mpu3050: Fix out-of-sequence free_irq() (git-fixes). * iio: gyro: mpu3050: Move iio_device_register() to correct location (git- fixes). * iio: imu: bmi160: Remove potential undefined behavior in bmi160_config_pin() (git-fixes). * iio: imu: bno055: fix BNO055_SCAN_CH_COUNT off by one (git-fixes). * iio: imu: inv_icm42600: fix odr switch to the same value (git-fixes). * iio: imu: st_lsm6dsx: Set FIFO ODR for accelerometer and gyroscope only (git-fixes). * iio: light: vcnl4035: fix scan buffer on big-endian (git-fixes). * iio: potentiometer: mcp4131: fix double application of wiper shift (git- fixes). * Input: synaptics-rmi4 - fix a locking bug in an error path (git-fixes). * KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE (bsc#1259461). * media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (git- fixes). * media: tegra-video: Use accessors for pad config 'try_*' fields (stable- fixes). * mfd: omap-usb-host: Convert to platform remove callback returning void (stable-fixes). * mfd: omap-usb-host: Fix OF populate on driver rebind (git-fixes). * mfd: qcom-pm8xxx: Convert to platform remove callback returning void (stable-fixes). * mfd: qcom-pm8xxx: Fix OF populate on driver rebind (git-fixes). * misc: fastrpc: possible double-free of cctx->remote_heap (git-fixes). * mmc: sdhci-pci-gli: fix GL9750 DMA write corruption (git-fixes). * mmc: sdhci: fix timing selection for 1-bit bus width (git-fixes). * mtd: Avoid boot crash in RedBoot partition table parser (git-fixes). * mtd: rawnand: brcmnand: skip DMA during panic write (git-fixes). * mtd: rawnand: cadence: Fix error check for dma_alloc_coherent() in cadence_nand_init() (git-fixes). * mtd: rawnand: pl353: make sure optimal timings are applied (git-fixes). * mtd: rawnand: serialize lock/unlock against other NAND operations (git- fixes). * mtd: spi-nor: core: avoid odd length/address reads on 8D-8D-8D mode (stable- fixes). * mtd: spi-nor: core: avoid odd length/address writes in 8D-8D-8D mode (stable-fixes). * net: mana: Add metadata support for xdp mode (git-fixes). * net: mana: Add standard counter rx_missed_errors (git-fixes). * net: mana: Add support for auxiliary device servicing events (bsc#1251971). * net: mana: Change the function signature of mana_get_primary_netdev_rcu (bsc#1256690). * net: mana: Drop TX skb on post_work_request failure and unmap resources (git-fixes). * net: mana: Fix double destroy_workqueue on service rescan PCI path (git- fixes). * net: mana: fix spelling for mana_gd_deregiser_irq() (git-fixes). * net: mana: fix use-after-free in add_adev() error path (git-fixes). * net: mana: Fix use-after-free in reset service rescan path (git-fixes). * net: mana: Fix warnings for missing export.h header inclusion (git-fixes). * net: mana: Handle hardware recovery events when probing the device (bsc#1257466). * net: mana: Handle Reset Request from MANA NIC (bsc#1245728 bsc#1251971). * net: mana: Handle SKB if TX SGEs exceed hardware limit (git-fixes). * net: mana: Handle unsupported HWC commands (git-fixes). * net: mana: Implement ndo_tx_timeout and serialize queue resets per port (bsc#1257472). * net: mana: Move hardware counter stats from per-port to per-VF context (git- fixes). * net: mana: Probe rdma device in mana driver (git-fixes). * net: mana: Reduce waiting time if HWC not responding (bsc#1252266). * net: mana: Ring doorbell at 4 CQ wraparounds (git-fixes). * net: mana: Support HW link state events (bsc#1253049). * net: mana: Trigger VF reset/recovery on health check failure due to HWC timeout (bsc#1259580). * net: mana: use ethtool string helpers (git-fixes). * net: mana: Use mana_cleanup_port_context() for rxq cleanup (git-fixes). * net: nfc: nci: Fix zero-length proprietary notifications (git-fixes). * net: usb: aqc111: Do not perform PM inside suspend callback (git-fixes). * net: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check (git-fixes). * net: usb: cdc_ncm: add ndpoffset to NDP32 nframes bounds check (git-fixes). * net: usb: lan78xx: fix silent drop of packets with checksum errors (git- fixes). * net: usb: lan78xx: fix TX byte statistics for small packets (git-fixes). * net: usb: pegasus: validate USB endpoints (stable-fixes). * net/mana: Null service_wq on setup error to prevent double destroy (git- fix). * net/mlx5: Fix crash when moving to switchdev mode (git-fixes). * net/rose: fix NULL pointer dereference in rose_transmit_link on reconnect (git-fixes). * net/x25: Fix overflow when accumulating packets (git-fixes). * net/x25: Fix potential double free of skb (git-fixes). * nfc: nci: clear NCI_DATA_EXCHANGE before calling completion callback (git- fixes). * nfc: nci: fix circular locking dependency in nci_close_device (git-fixes). * nfc: nci: free skb on nci_transceive early error paths (git-fixes). * NFC: nxp-nci: allow GPIOs to sleep (git-fixes). * NFC: pn533: bound the UART receive buffer (git-fixes). * nfc: rawsock: cancel tx_work before socket teardown (git-fixes). * nouveau/dpcd: return EBUSY for aux xfer if the device is asleep (git-fixes). * PCI: hv: Correct a comment (git-fixes). * PCI: hv: Remove unnecessary flex array in struct pci_packet (git-fixes). * PCI: hv: remove unnecessary module_init/exit functions (git-fixes). * PCI: hv: Remove unused field pci_bus in struct hv_pcibus_device (git-fixes). * PCI: Update BAR # and window messages (stable-fixes). * phy: ti: j721e-wiz: Fix device node reference leak in wiz_get_lane_phy_types() (git-fixes). * pinctrl: equilibrium: fix warning trace on load (git-fixes). * pinctrl: equilibrium: rename irq_chip function callbacks (stable-fixes). * pinctrl: mediatek: common: Fix probe failure for devices without EINT (git- fixes). * pinctrl: qcom: spmi-gpio: implement .get_direction() (git-fixes). * platform/olpc: olpc-xo175-ec: Fix overflow error message to print inlen (git-fixes). * platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data (git- fixes). * platform/x86: dell-wmi: Add audio/mic mute key codes (stable-fixes). * platform/x86: intel-hid: Add Dell 14 Plus 2-in-1 to dmi_vgbs_allow_list (stable-fixes). * platform/x86: intel-hid: Enable 5-button array on ThinkPad X1 Fold 16 Gen 1 (stable-fixes). * platform/x86: ISST: Correct locked bit width (git-fixes). * platform/x86: touchscreen_dmi: Add quirk for y-inverted Goodix touchscreen on SUPI S10 (stable-fixes). * PM: runtime: Fix a race condition related to device removal (git-fixes). * qmi_wwan: allow max_mtu above hard_mtu to control rx_urb_size (git-fixes). * RDMA/mana_ib: Access remote atomic for MRs (bsc#1251135). * RDMA/mana_ib: add additional port counters (bsc#1251135). * RDMA/mana_ib: Add device statistics support (git-fixes). * RDMA/mana_ib: Add device-memory support (git-fixes). * RDMA/mana_ib: Add EQ creation for rnic adapter (git-fixes). * RDMA/mana_ib: Add port statistics support (git-fixes). * RDMA/mana_ib: Add support of 4M, 1G, and 2G pages (git-fixes). * RDMA/mana_ib: Add support of mana_ib for RNIC and ETH nic (git-fixes). * RDMA/mana_ib: add support of multiple ports (bsc#1251135). * RDMA/mana_ib: Adding and deleting GIDs (git-fixes). * RDMA/mana_ib: Allow registration of DMA-mapped memory in PDs (git-fixes). * RDMA/mana_ib: check cqe length for kernel CQs (git-fixes). * RDMA/mana_ib: Configure mac address in RNIC (git-fixes). * RDMA/mana_ib: Create and destroy RC QP (git-fixes). * RDMA/mana_ib: Create and destroy rnic adapter (git-fixes). * RDMA/mana_ib: create and destroy RNIC cqs (git-fixes). * RDMA/mana_ib: Create and destroy UD/GSI QP (git-fixes). * RDMA/mana_ib: create EQs for RNIC CQs (git-fixes). * RDMA/mana_ib: create kernel-level CQs (git-fixes). * RDMA/mana_ib: create/destroy AH (git-fixes). * RDMA/mana_ib: Drain send wrs of GSI QP (git-fixes). * RDMA/mana_ib: Enable RoCE on port 1 (git-fixes). * RDMA/mana_ib: extend mana QP table (git-fixes). * RDMA/mana_ib: Extend modify QP (git-fixes). * RDMA/mana_ib: extend query device (git-fixes). * RDMA/mana_ib: Fix DSCP value in modify QP (git-fixes). * RDMA/mana_ib: Fix error code in probe() (git-fixes). * RDMA/mana_ib: Fix integer overflow during queue creation (bsc#1251135). * RDMA/mana_ib: Fix missing ret value (git-fixes). * RDMA/mana_ib: Handle net event for pointing to the current netdev (bsc#1256690). * RDMA/mana_ib: helpers to allocate kernel queues (git-fixes). * RDMA/mana_ib: Implement DMABUF MR support (git-fixes). * RDMA/mana_ib: implement get_dma_mr (git-fixes). * RDMA/mana_ib: Implement port parameters (git-fixes). * RDMA/mana_ib: implement req_notify_cq (git-fixes). * RDMA/mana_ib: implement uapi for creation of rnic cq (git-fixes). * RDMA/mana_ib: Implement uapi to create and destroy RC QP (git-fixes). * RDMA/mana_ib: indicate CM support (git-fixes). * RDMA/mana_ib: introduce a helper to remove cq callbacks (git-fixes). * RDMA/mana_ib: Introduce helpers to create and destroy mana queues (git- fixes). * RDMA/mana_ib: Introduce mana_ib_get_netdev helper function (git-fixes). * RDMA/mana_ib: Introduce mana_ib_install_cq_cb helper function (git-fixes). * RDMA/mana_ib: Introduce mdev_to_gc helper function (git-fixes). * RDMA/mana_ib: Modify QP state (git-fixes). * RDMA/mana_ib: polling of CQs for GSI/UD (git-fixes). * RDMA/mana_ib: Process QP error events in mana_ib (git-fixes). * RDMA/mana_ib: Query feature_flags bitmask from FW (git-fixes). * RDMA/mana_ib: remove useless return values from dbg prints (git-fixes). * RDMA/mana_ib: request error CQEs when supported (git-fixes). * RDMA/mana_ib: Set correct device into ib (git-fixes). * RDMA/mana_ib: set node_guid (git-fixes). * RDMA/mana_ib: support of the zero based MRs (bsc#1251135). * RDMA/mana_ib: Take CQ type from the device type (git-fixes). * RDMA/mana_ib: UD/GSI QP creation for kernel (git-fixes). * RDMA/mana_ib: UD/GSI work requests (git-fixes). * RDMA/mana_ib: unify mana_ib functions to support any gdma device (git- fixes). * RDMA/mana_ib: Use num_comp_vectors of ib_device (git-fixes). * RDMA/mana_ib: Use safer allocation function() (bsc#1251135). * RDMA/mana_ib: Use struct mana_ib_queue for CQs (git-fixes). * RDMA/mana_ib: Use struct mana_ib_queue for RAW QPs (git-fixes). * RDMA/mana_ib: Use struct mana_ib_queue for WQs (git-fixes). * regmap: Synchronize cache for the page selector (git-fixes). * regulator: pca9450: Correct interrupt type (git-fixes). * regulator: pca9450: Make IRQ optional (stable-fixes). * remoteproc: sysmon: Correct subsys_name_len type in QMI request (git-fixes). * s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP (bsc#1254306). * scsi: mpi3mr: Event processing debug improvement (bsc#1251186 bsc#1258832). * scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT (git-fixes). * scsi: storvsc: Remove redundant ternary operators (git-fixes). * selftests/powerpc: make sub-folders buildable on their own (bsc#1261669 ltc#212590). * selftests/powerpc: Re-order *FLAGS to follow lib.mk (bsc#1261669 ltc#212590). * selftests/powerpc: Suppress -Wmaybe-uninitialized with GCC 15 (bsc#1261669 ltc#212590). * serial: 8250_pci: add support for the AX99100 (stable-fixes). * serial: 8250: Add late synchronize_irq() to shutdown to handle DW UART BUSY (git-fixes). * serial: 8250: Fix TX deadlock when using DMA (git-fixes). * serial: uartlite: fix PM runtime usage count underflow on probe (git-fixes). * soc: aspeed: socinfo: Mask table entries for accurate SoC ID matching (git- fixes). * soc: fsl: qbman: fix race condition in qman_destroy_fq (git-fixes). * spi: fix statistics allocation (git-fixes). * spi: fix use-after-free on controller registration failure (git-fixes). * spi: spi-fsl-lpspi: fix teardown order issue (UAF) (git-fixes). * staging: rtl8723bs: properly validate the data in rtw_get_ie_ex() (stable- fixes). * tg3: Fix race for querying speed/duplex (bsc#1257183). * thunderbolt: Fix property read in nhi_wake_supported() (git-fixes). * tools: hv: Enable debug logs for hv_kvp_daemon (git-fixes). * tools: hv: lsvmbus: change shebang to use python3 (git-fixes). * tools/hv: add a .gitignore file (git-fixes). * tools/hv: reduce resouce usage in hv_get_dns_info helper (git-fixes). * tools/hv: reduce resource usage in hv_kvp_daemon (git-fixes). * usb: cdc-acm: Restore CAP_BRK functionnality to CH343 (git-fixes). * usb: cdns3: call cdns_power_is_lost() only once in cdns_resume() (stable- fixes). * usb: cdns3: fix role switching during resume (git-fixes). * usb: cdns3: gadget: fix NULL pointer dereference in ep_queue (git-fixes). * usb: cdns3: gadget: fix state inconsistency on gadget init failure (git- fixes). * usb: cdns3: remove redundant if branch (stable-fixes). * usb: class: cdc-wdm: fix reordering issue in read code path (git-fixes). * usb: core: don't power off roothub PHYs if phy_set_mode() fails (git-fixes). * USB: core: Limit the length of unkillable synchronous timeouts (git-fixes). * USB: dummy-hcd: Fix interrupt synchronization error (git-fixes). * USB: dummy-hcd: Fix locking/synchronization error (git-fixes). * usb: dwc2: gadget: Fix spin_lock/unlock mismatch in dwc2_hsotg_udc_stop() (git-fixes). * usb: dwc3: pci: add support for the Intel Nova Lake -H (stable-fixes). * usb: ehci-brcm: fix sleep during atomic (git-fixes). * USB: ezcap401 needs USB_QUIRK_NO_BOS to function on 10gbs usb speed (stable- fixes). * usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks() (git-fixes). * usb: gadget: f_rndis: Protect RNDIS options with mutex (git-fixes). * usb: gadget: f_subset: Fix unbalanced refcnt in geth_free (git-fixes). * usb: gadget: u_ether: Fix race between gether_disconnect and eth_stop (git- fixes). * usb: gadget: uvc: fix NULL pointer dereference during unbind race (git- fixes). * usb: image: mdc800: kill download URB on timeout (stable-fixes). * usb: mdc800: handle signal and read racing (stable-fixes). * usb: misc: uss720: properly clean up reference in uss720_probe() (stable- fixes). * usb: renesas_usbhs: fix use-after-free in ISR during device removal (git- fixes). * usb: roles: get usb role switch from parent only for usb-b-connector (git- fixes). * USB: serial: f81232: fix incomplete serial port generation (stable-fixes). * usb: ulpi: fix double free in ulpi_register_interface() error path (git- fixes). * USB: usbcore: Introduce usb_bulk_msg_killable() (git-fixes). * usb: usbtmc: Flush anchored URBs in usbtmc_release (git-fixes). * USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts (git- fixes). * usb: xhci: Fix memory leak in xhci_disable_slot() (git-fixes). * usb: xhci: Prevent interrupt storm on host controller error (HCE) (stable- fixes). * usb: yurex: fix race in probe (stable-fixes). * usb/core/quirks: Add Huawei ME906S-device to wakeup quirk (stable-fixes). * wifi: cfg80211: cancel pmsr_free_wk in cfg80211_pmsr_wdev_down (git-fixes). * wifi: cw1200: Fix locking in error paths (git-fixes). * wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl_mvm_nd_match_info_handler() (git-fixes). * wifi: mac80211: fix NULL deref in mesh_matches_local() (git-fixes). * wifi: mac80211: Fix static_branch_dec() underflow for aql_disable (git- fixes). * wifi: mac80211: set default WMM parameters on all links (stable-fixes). * wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211() (git-fixes). * wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211() (git-fixes). * wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211() (git-fixes). * wifi: rsi: Don't default to -EOPNOTSUPP in rsi_mac80211_config (git-fixes). * wifi: wilc1000: fix u8 overflow in SSID scan buffer size calculation (git- fixes). * wifi: wlcore: Fix a locking bug (git-fixes). * wifi: wlcore: Return -ENOMEM instead of -EAGAIN if there is not enough headroom (git-fixes). * x86/platform/uv: Handle deconfigured sockets (bsc#1260347). * xen/privcmd: unregister xenstore notifier on module exit (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro Extras 6.0 zypper in -t patch SUSE-SLE-Micro-Extras-6.0-kernel-342=1 * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-342=1 * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-488=1 ## Package List: * SUSE Linux Micro Extras 6.0 (nosrc) * kernel-rt-6.4.0-41.1 * SUSE Linux Micro Extras 6.0 (x86_64) * kernel-rt-devel-6.4.0-41.1 * kernel-rt-debugsource-6.4.0-41.1 * kernel-rt-devel-debuginfo-6.4.0-41.1 * SUSE Linux Micro 6.0 (noarch) * kernel-devel-rt-6.4.0-41.1 * kernel-source-rt-6.4.0-41.1 * SUSE Linux Micro 6.0 (nosrc x86_64) * kernel-rt-6.4.0-41.1 * SUSE Linux Micro 6.0 (x86_64) * kernel-rt-livepatch-6.4.0-41.1 * kernel-rt-debugsource-6.4.0-41.1 * kernel-rt-debuginfo-6.4.0-41.1 * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * cockpit-debuginfo-322-slfo.1.1_3.1 * cockpit-ws-322-slfo.1.1_3.1 * cockpit-322-slfo.1.1_3.1 * cockpit-bridge-322-slfo.1.1_3.1 * cockpit-ws-debuginfo-322-slfo.1.1_3.1 * cockpit-bridge-debuginfo-322-slfo.1.1_3.1 * cockpit-debugsource-322-slfo.1.1_3.1 * SUSE Linux Micro 6.1 (noarch) * cockpit-networkmanager-322-slfo.1.1_3.1 * cockpit-system-322-slfo.1.1_3.1 * cockpit-storaged-322-slfo.1.1_3.1 * cockpit-selinux-322-slfo.1.1_3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-38542.html * https://www.suse.com/security/cve/CVE-2025-39817.html * https://www.suse.com/security/cve/CVE-2025-39998.html * https://www.suse.com/security/cve/CVE-2025-40201.html * https://www.suse.com/security/cve/CVE-2025-40253.html * https://www.suse.com/security/cve/CVE-2025-68794.html * https://www.suse.com/security/cve/CVE-2025-71125.html * https://www.suse.com/security/cve/CVE-2025-71268.html * https://www.suse.com/security/cve/CVE-2025-71269.html * https://www.suse.com/security/cve/CVE-2026-23030.html * https://www.suse.com/security/cve/CVE-2026-23047.html * https://www.suse.com/security/cve/CVE-2026-23054.html * https://www.suse.com/security/cve/CVE-2026-23069.html * https://www.suse.com/security/cve/CVE-2026-23088.html * https://www.suse.com/security/cve/CVE-2026-23103.html * https://www.suse.com/security/cve/CVE-2026-23120.html * https://www.suse.com/security/cve/CVE-2026-23125.html * https://www.suse.com/security/cve/CVE-2026-23136.html * https://www.suse.com/security/cve/CVE-2026-23140.html * https://www.suse.com/security/cve/CVE-2026-23154.html * https://www.suse.com/security/cve/CVE-2026-23157.html * https://www.suse.com/security/cve/CVE-2026-23169.html * https://www.suse.com/security/cve/CVE-2026-23187.html * https://www.suse.com/security/cve/CVE-2026-23193.html * https://www.suse.com/security/cve/CVE-2026-23201.html * https://www.suse.com/security/cve/CVE-2026-23202.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-23207.html * https://www.suse.com/security/cve/CVE-2026-23216.html * https://www.suse.com/security/cve/CVE-2026-23231.html * https://www.suse.com/security/cve/CVE-2026-23242.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://www.suse.com/security/cve/CVE-2026-23255.html * https://www.suse.com/security/cve/CVE-2026-23262.html * https://www.suse.com/security/cve/CVE-2026-23270.html * https://www.suse.com/security/cve/CVE-2026-23272.html * https://www.suse.com/security/cve/CVE-2026-23274.html * https://www.suse.com/security/cve/CVE-2026-23277.html * https://www.suse.com/security/cve/CVE-2026-23278.html * https://www.suse.com/security/cve/CVE-2026-23281.html * https://www.suse.com/security/cve/CVE-2026-23292.html * https://www.suse.com/security/cve/CVE-2026-23293.html * https://www.suse.com/security/cve/CVE-2026-23304.html * https://www.suse.com/security/cve/CVE-2026-23317.html * https://www.suse.com/security/cve/CVE-2026-23319.html * https://www.suse.com/security/cve/CVE-2026-23335.html * https://www.suse.com/security/cve/CVE-2026-23343.html * https://www.suse.com/security/cve/CVE-2026-23361.html * https://www.suse.com/security/cve/CVE-2026-23379.html * https://www.suse.com/security/cve/CVE-2026-23381.html * https://www.suse.com/security/cve/CVE-2026-23383.html * https://www.suse.com/security/cve/CVE-2026-23386.html * https://www.suse.com/security/cve/CVE-2026-23395.html * https://www.suse.com/security/cve/CVE-2026-23398.html * https://www.suse.com/security/cve/CVE-2026-23412.html * https://www.suse.com/security/cve/CVE-2026-23413.html * https://www.suse.com/security/cve/CVE-2026-23414.html * https://www.suse.com/security/cve/CVE-2026-23419.html * https://www.suse.com/security/cve/CVE-2026-25547.html * https://www.suse.com/security/cve/CVE-2026-26996.html * https://www.suse.com/security/cve/CVE-2026-31788.html * https://bugzilla.suse.com/show_bug.cgi?id=1226591 * https://bugzilla.suse.com/show_bug.cgi?id=1245728 * https://bugzilla.suse.com/show_bug.cgi?id=1249998 * https://bugzilla.suse.com/show_bug.cgi?id=1251135 * https://bugzilla.suse.com/show_bug.cgi?id=1251186 * https://bugzilla.suse.com/show_bug.cgi?id=1251971 * https://bugzilla.suse.com/show_bug.cgi?id=1252073 * https://bugzilla.suse.com/show_bug.cgi?id=1252266 * https://bugzilla.suse.com/show_bug.cgi?id=1253049 * https://bugzilla.suse.com/show_bug.cgi?id=1253455 * https://bugzilla.suse.com/show_bug.cgi?id=1254306 * https://bugzilla.suse.com/show_bug.cgi?id=1255084 * https://bugzilla.suse.com/show_bug.cgi?id=1256647 * https://bugzilla.suse.com/show_bug.cgi?id=1256690 * https://bugzilla.suse.com/show_bug.cgi?id=1256784 * https://bugzilla.suse.com/show_bug.cgi?id=1257183 * https://bugzilla.suse.com/show_bug.cgi?id=1257466 * https://bugzilla.suse.com/show_bug.cgi?id=1257472 * https://bugzilla.suse.com/show_bug.cgi?id=1257473 * https://bugzilla.suse.com/show_bug.cgi?id=1257506 * https://bugzilla.suse.com/show_bug.cgi?id=1257561 * https://bugzilla.suse.com/show_bug.cgi?id=1257682 * https://bugzilla.suse.com/show_bug.cgi?id=1257732 * https://bugzilla.suse.com/show_bug.cgi?id=1257755 * https://bugzilla.suse.com/show_bug.cgi?id=1257773 * https://bugzilla.suse.com/show_bug.cgi?id=1257777 * https://bugzilla.suse.com/show_bug.cgi?id=1257814 * https://bugzilla.suse.com/show_bug.cgi?id=1257836 * https://bugzilla.suse.com/show_bug.cgi?id=1257952 * https://bugzilla.suse.com/show_bug.cgi?id=1258280 * https://bugzilla.suse.com/show_bug.cgi?id=1258286 * https://bugzilla.suse.com/show_bug.cgi?id=1258293 * https://bugzilla.suse.com/show_bug.cgi?id=1258303 * https://bugzilla.suse.com/show_bug.cgi?id=1258305 * https://bugzilla.suse.com/show_bug.cgi?id=1258330 * https://bugzilla.suse.com/show_bug.cgi?id=1258337 * https://bugzilla.suse.com/show_bug.cgi?id=1258338 * https://bugzilla.suse.com/show_bug.cgi?id=1258340 * https://bugzilla.suse.com/show_bug.cgi?id=1258376 * https://bugzilla.suse.com/show_bug.cgi?id=1258389 * https://bugzilla.suse.com/show_bug.cgi?id=1258414 * https://bugzilla.suse.com/show_bug.cgi?id=1258447 * https://bugzilla.suse.com/show_bug.cgi?id=1258524 * https://bugzilla.suse.com/show_bug.cgi?id=1258641 * https://bugzilla.suse.com/show_bug.cgi?id=1258832 * https://bugzilla.suse.com/show_bug.cgi?id=1258849 * https://bugzilla.suse.com/show_bug.cgi?id=1259188 * https://bugzilla.suse.com/show_bug.cgi?id=1259461 * https://bugzilla.suse.com/show_bug.cgi?id=1259580 * https://bugzilla.suse.com/show_bug.cgi?id=1259707 * https://bugzilla.suse.com/show_bug.cgi?id=1259795 * https://bugzilla.suse.com/show_bug.cgi?id=1259797 * https://bugzilla.suse.com/show_bug.cgi?id=1259865 * https://bugzilla.suse.com/show_bug.cgi?id=1259870 * https://bugzilla.suse.com/show_bug.cgi?id=1259886 * https://bugzilla.suse.com/show_bug.cgi?id=1259889 * https://bugzilla.suse.com/show_bug.cgi?id=1259891 * https://bugzilla.suse.com/show_bug.cgi?id=1259997 * https://bugzilla.suse.com/show_bug.cgi?id=1259998 * https://bugzilla.suse.com/show_bug.cgi?id=1260005 * https://bugzilla.suse.com/show_bug.cgi?id=1260009 * https://bugzilla.suse.com/show_bug.cgi?id=1260347 * https://bugzilla.suse.com/show_bug.cgi?id=1260464 * https://bugzilla.suse.com/show_bug.cgi?id=1260471 * https://bugzilla.suse.com/show_bug.cgi?id=1260481 * https://bugzilla.suse.com/show_bug.cgi?id=1260486 * https://bugzilla.suse.com/show_bug.cgi?id=1260497 * https://bugzilla.suse.com/show_bug.cgi?id=1260500 * https://bugzilla.suse.com/show_bug.cgi?id=1260527 * https://bugzilla.suse.com/show_bug.cgi?id=1260544 * https://bugzilla.suse.com/show_bug.cgi?id=1260550 * https://bugzilla.suse.com/show_bug.cgi?id=1260562 * https://bugzilla.suse.com/show_bug.cgi?id=1260580 * https://bugzilla.suse.com/show_bug.cgi?id=1260730 * https://bugzilla.suse.com/show_bug.cgi?id=1260732 * https://bugzilla.suse.com/show_bug.cgi?id=1260735 * https://bugzilla.suse.com/show_bug.cgi?id=1260799 * https://bugzilla.suse.com/show_bug.cgi?id=1261412 * https://bugzilla.suse.com/show_bug.cgi?id=1261496 * https://bugzilla.suse.com/show_bug.cgi?id=1261498 * https://bugzilla.suse.com/show_bug.cgi?id=1261507 * https://bugzilla.suse.com/show_bug.cgi?id=1261669
Attachment: None (type=text/html)
(HTML attachment elided)