Overview

File _patchinfo of Package patchinfo.41496

<patchinfo incident="41496">
  <issue tracker="bnc" id="1012628">Continuous stable update tracker for Tumbleweed</issue>
  <issue tracker="bnc" id="1214954">[PATCH] ext4: fix memory leaks in  ext4_fname_{setup_filename,prepare_lookup}</issue>
  <issue tracker="bnc" id="1215143">s390/zcrypt: don't leak memory if dev_set_name() fails</issue>
  <issue tracker="bnc" id="1215199">[trackerbug] 6.4 powerpc base kernel fixes</issue>
  <issue tracker="bnc" id="1216396">Backport MSG_SPLICE_PAGES work from David Howells</issue>
  <issue tracker="bnc" id="1220419">SLE15-SP6 networking performance backports and fixes</issue>
  <issue tracker="bnc" id="1239206">kernel BUG at include/linux/scatterlist.h:187 when using encfs/gocryptfs via CIFS</issue>
  <issue tracker="bnc" id="1244939">VUL-0: CVE-2025-38008: kernel: mm/page_alloc: fix race condition in unaccepted memory handling</issue>
  <issue tracker="bnc" id="1248211">VUL-0: CVE-2025-38539: kernel: tracing: Add down_write(trace_event_sem) when adding trace event</issue>
  <issue tracker="bnc" id="1248230">VUL-0: CVE-2025-38552: kernel: mptcp: plug races between subflow fail and subflow creation</issue>
  <issue tracker="bnc" id="1248517">[Build 6.4.0-150700.694.1.ga8a9f2f] openQA test fails in selftests: livepatch: test-ftrace_sh</issue>
  <issue tracker="bnc" id="1248630">VUL-0: CVE-2025-38653: kernel: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al</issue>
  <issue tracker="bnc" id="1248754">[Suse][Mana][Backport] net: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency.</issue>
  <issue tracker="bnc" id="1248886">L3: refcount_t underflow in smb2_query_info_compound() &#8212; ref:_00D1igLOd._500Trh3Fg7:ref</issue>
  <issue tracker="bnc" id="1249161">VUL-0: CVE-2025-38718: kernel: sctp: linearize cloned gso packets in sctp_rcv</issue>
  <issue tracker="bnc" id="1249182">VUL-0: CVE-2025-38700: kernel: scsi: libiscsi: Initialize iscsi_conn-&gt;dd_data only if memory is allocated</issue>
  <issue tracker="bnc" id="1249224">VUL-0: CVE-2025-38699: kernel: scsi: bfa: Double-free fix</issue>
  <issue tracker="bnc" id="1249286">VUL-0: CVE-2025-39683: kernel: tracing: Limit access to parser-&gt;buffer when trace_get_user failed</issue>
  <issue tracker="bnc" id="1249302">VUL-0: CVE-2025-39676: kernel: scsi: qla4xxx: Prevent a potential error pointer dereference</issue>
  <issue tracker="bnc" id="1249317">VUL-0: CVE-2025-39702: kernel: ipv6: sr: Fix MAC comparison to be constant-time</issue>
  <issue tracker="bnc" id="1249319">VUL-0: CVE-2025-39697: kernel: NFS: Fix a race when updating an existing write</issue>
  <issue tracker="bnc" id="1249320">VUL-0: CVE-2025-39673: kernel: ppp: fix race conditions in ppp_fill_forward_path</issue>
  <issue tracker="bnc" id="1249512">VUL-0: CVE-2025-39756: kernel: fs: Prevent file descriptor table allocations exceeding INT_MAX</issue>
  <issue tracker="bnc" id="1249595">VUL-0: CVE-2025-39794: kernel: In the Linux kernel, the following vulnerability has been resolved: ARM: tegra: Use I/O memcpy to write to IRAM Kasan crashes the kernel trying to check boundaries when using the normal memcpy.</issue>
  <issue tracker="bnc" id="1249608">VUL-0: CVE-2025-39797: kernel: xfrm: Duplicate SPI Handling</issue>
  <issue tracker="bnc" id="1250032">VUL-0: CVE-2025-39813: kernel: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump</issue>
  <issue tracker="bnc" id="1250119">fstests ext4/307 has coredump in s390x</issue>
  <issue tracker="bnc" id="1250202">VUL-0: CVE-2025-39812: kernel: sctp: initialize more fields in sctp_v6_from_sk()</issue>
  <issue tracker="bnc" id="1250237">nftables stack guard hit + kernel panic on synproxy in output chain</issue>
  <issue tracker="bnc" id="1250274">VUL-0: CVE-2025-39841: kernel: scsi: lpfc: Fix buffer free/clear order in deferred receive path</issue>
  <issue tracker="bnc" id="1250296">VUL-0: CVE-2025-39851: kernel: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object</issue>
  <issue tracker="bnc" id="1250379">VUL-0: CVE-2025-39881: kernel: kernfs: Fix UAF in polling when open file is released</issue>
  <issue tracker="bnc" id="1250400">VUL-0: CVE-2025-39876: kernel: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable()</issue>
  <issue tracker="bnc" id="1250455">VUL-0: CVE-2025-39866: kernel: fs: writeback: fix use-after-free in __mark_inode_dirty()</issue>
  <issue tracker="bnc" id="1250491">L3: kernel BUG at ../include/linux/scatterlist.h:163</issue>
  <issue tracker="bnc" id="1250519">Update Broadcom Emulex lpfc driver for SL-16.0  to 14.4.0.11</issue>
  <issue tracker="bnc" id="1250650">bpf:test_sockmap - 'sockhash::txmsg test hanging corks': NULL pointer dereference</issue>
  <issue tracker="bnc" id="1250702">VUL-0: CVE-2025-39902: kernel: mm/slub: avoid accessing metadata when pointer is invalid in object_err()</issue>
  <issue tracker="bnc" id="1250704">VUL-0: CVE-2025-39911: kernel: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path</issue>
  <issue tracker="bnc" id="1250721">VUL-0: CVE-2025-39895: kernel: sched: Fix sched_numa_find_nth_cpu() if mask offline</issue>
  <issue tracker="bnc" id="1250742">VUL-0: CVE-2025-39898: kernel: e1000e: fix heap overflow in e1000_set_eeprom</issue>
  <issue tracker="bnc" id="1250946">kernel-source 6.17.0 does not build without debug</issue>
  <issue tracker="bnc" id="1251024">VUL-0: CVE-2023-53538: kernel: btrfs: insert tree mod log move in push_node_left</issue>
  <issue tracker="bnc" id="1251027">VUL-0: CVE-2023-53572: kernel: clk: imx: scu: use _safe list iterator to avoid a use after free</issue>
  <issue tracker="bnc" id="1251028">VUL-0: CVE-2023-53577: kernel: bpf, cpumap: Make sure kthread is running before map update returns</issue>
  <issue tracker="bnc" id="1251031">VUL-0: CVE-2023-53570: kernel: wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems()</issue>
  <issue tracker="bnc" id="1251035">VUL-0: CVE-2023-53568: kernel: s390/zcrypt: don't leak memory if dev_set_name() fails</issue>
  <issue tracker="bnc" id="1251038">VUL-0: CVE-2023-53563: kernel: cpufreq: amd-pstate-ut: Fix kernel panic when loading the driver</issue>
  <issue tracker="bnc" id="1251043">VUL-0: CVE-2023-53541: kernel: mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write</issue>
  <issue tracker="bnc" id="1251045">VUL-0: CVE-2023-53560: kernel: tracing/histograms: Add histograms to hist_vars if they have referenced variables</issue>
  <issue tracker="bnc" id="1251052">VUL-0: CVE-2023-53559: kernel: ip_vti: fix potential slab-use-after-free in decode_session6</issue>
  <issue tracker="bnc" id="1251053">VUL-0: CVE-2023-53540: kernel: wifi: cfg80211: reject auth/assoc to AP with our address</issue>
  <issue tracker="bnc" id="1251054">VUL-0: CVE-2023-53557: kernel: fprobe: Release rethook after the ftrace_ops is unregistered</issue>
  <issue tracker="bnc" id="1251056">VUL-0: CVE-2023-53555: kernel: mm/damon/core: initialize damo_filter-&gt;list from damos_new_filter()</issue>
  <issue tracker="bnc" id="1251057">VUL-0: CVE-2023-53554: kernel: staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()</issue>
  <issue tracker="bnc" id="1251059">VUL-0: CVE-2023-53556: kernel: iavf: Fix use-after-free in free_netdev</issue>
  <issue tracker="bnc" id="1251060">VUL-0: CVE-2023-53539: kernel: RDMA/rxe: Fix incomplete state save in rxe_requester</issue>
  <issue tracker="bnc" id="1251065">VUL-0: CVE-2023-53552: kernel: drm/i915: mark requests for GuC virtual engines to avoid use-after-free</issue>
  <issue tracker="bnc" id="1251066">VUL-0: CVE-2023-53548: kernel: net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb</issue>
  <issue tracker="bnc" id="1251067">VUL-0: CVE-2023-53575: kernel: wifi: iwlwifi: mvm: fix potential array out of bounds access</issue>
  <issue tracker="bnc" id="1251068">VUL-0: CVE-2023-53553: kernel: HID: hyperv: avoid struct memcpy overrun warning</issue>
  <issue tracker="bnc" id="1251071">VUL-0: CVE-2023-53550: kernel: cpufreq: amd-pstate: fix global sysfs attribute type</issue>
  <issue tracker="bnc" id="1251076">VUL-0: CVE-2023-53602: kernel: wifi: ath11k: fix memory leak in WMI firmware stats</issue>
  <issue tracker="bnc" id="1251079">VUL-0: CVE-2023-53546: kernel: net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx</issue>
  <issue tracker="bnc" id="1251081">VUL-0: CVE-2023-53558: kernel: rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic()</issue>
  <issue tracker="bnc" id="1251083">VUL-0: CVE-2023-53543: kernel: vdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check</issue>
  <issue tracker="bnc" id="1251084">VUL-0: CVE-2023-53545: kernel: drm/amdgpu: unmap and remove csa_va properly</issue>
  <issue tracker="bnc" id="1251100">VUL-0: CVE-2025-39931: kernel: crypto: af_alg - Set merge to zero early in af_alg_sendmsg</issue>
  <issue tracker="bnc" id="1251105">VUL-0: CVE-2023-53580: kernel: USB: Gadget: core: Help prevent panic during UVC unconfigure</issue>
  <issue tracker="bnc" id="1251106">VUL-0: CVE-2023-53581: kernel: net/mlx5e: Check for NOT_READY flag state after locking</issue>
  <issue tracker="bnc" id="1251108">VUL-0: CVE-2023-53583: kernel: perf: RISC-V: Remove PERF_HES_STOPPED flag checking in riscv_pmu_start()</issue>
  <issue tracker="bnc" id="1251113">VUL-0: CVE-2023-53615: kernel: scsi: qla2xxx: Fix deletion race condition</issue>
  <issue tracker="bnc" id="1251114">VUL-0: CVE-2025-39946: kernel: tls: make sure to abort the stream if headers are bogus</issue>
  <issue tracker="bnc" id="1251119">VUL-0: CVE-2023-53613: kernel: dax: Fix dax_mapping_release() use after free</issue>
  <issue tracker="bnc" id="1251123">VUL-0: CVE-2023-53611: kernel: ipmi_si: fix a memleak in try_smi_init()</issue>
  <issue tracker="bnc" id="1251126">VUL-0: CVE-2023-53585: kernel: bpf: reject unhashed sockets in bpf_sk_assign</issue>
  <issue tracker="bnc" id="1251132">VUL-0: CVE-2023-53593: kernel: cifs: Release folio lock on fscache read hit.</issue>
  <issue tracker="bnc" id="1251134">VUL-0: CVE-2025-39938: kernel: ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed</issue>
  <issue tracker="bnc" id="1251143">VUL-0: CVE-2025-39937: kernel: net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer</issue>
  <issue tracker="bnc" id="1251146">VUL-0: CVE-2025-39934: kernel: drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ</issue>
  <issue tracker="bnc" id="1251150">VUL-0: CVE-2023-53599: kernel: crypto: af_alg - Fix missing initialisation affecting gcm-aes-s390</issue>
  <issue tracker="bnc" id="1251152">VUL-0: CVE-2023-53600: kernel: tunnels: fix kasan splat when generating ipv4 pmtu error</issue>
  <issue tracker="bnc" id="1251153">VUL-0: CVE-2023-53601: kernel: bonding: do not assume skb mac_header is set</issue>
  <issue tracker="bnc" id="1251159">VUL-0: CVE-2023-53597: kernel: cifs: fix mid leak during reconnection after timeout threshold</issue>
  <issue tracker="bnc" id="1251161">VUL-0: CVE-2023-53596: kernel: drivers: base: Free devm resources when unregistering a device</issue>
  <issue tracker="bnc" id="1251170">VUL-0: CVE-2023-53579: kernel: gpio: mvebu: fix irq domain leak</issue>
  <issue tracker="bnc" id="1251177">VUL-0: CVE-2025-39949: kernel: qed: Don't collect too many protection override GRC elements</issue>
  <issue tracker="bnc" id="1251180">VUL-0: CVE-2023-53603: kernel: scsi: qla2xxx: Avoid fcport pointer dereference</issue>
  <issue tracker="bnc" id="1251206">VUL-0: CVE-2023-53588: kernel: wifi: mac80211: check for station first in client probe</issue>
  <issue tracker="bnc" id="1251215">VUL-0: CVE-2023-53616: kernel: jfs: fix invalid free of JFS_IP(ipimap)-&gt;i_imap in diUnmount</issue>
  <issue tracker="bnc" id="1251216">VUL-0: CVE-2025-39952: kernel: wifi: wilc1000: avoid buffer overflow in WID string configuration</issue>
  <issue tracker="bnc" id="1251222">VUL-0: CVE-2023-53574: kernel: wifi: rtw88: delete timer and free skb queue when unloading</issue>
  <issue tracker="bnc" id="1251230">VUL-0: CVE-2025-39945: kernel: cnic: Fix use-after-free bugs in cnic_delete_task</issue>
  <issue tracker="bnc" id="1251232">VUL-0: CVE-2025-39947: kernel: net/mlx5e: Harden uplink netdev access against device unbind</issue>
  <issue tracker="bnc" id="1251233">VUL-0: CVE-2025-39948: kernel: ice: fix Rx page leak on multi-buffer frames</issue>
  <issue tracker="bnc" id="1251247">VUL-0: CVE-2023-53659: kernel: iavf: Fix out-of-bounds when setting channels on remove</issue>
  <issue tracker="bnc" id="1251268">VUL-0: CVE-2023-53617: kernel: soc: aspeed: socinfo: Add kfree for kstrdup</issue>
  <issue tracker="bnc" id="1251269">VUL-0: CVE-2023-53632: kernel: net/mlx5e: Take RTNL lock when needed before calling xdp_set_features()</issue>
  <issue tracker="bnc" id="1251270">VUL-0: CVE-2023-53665: kernel: md: don't dereference mddev after export_rdev()</issue>
  <issue tracker="bnc" id="1251282">VUL-0: CVE-2023-53662: kernel: ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup}</issue>
  <issue tracker="bnc" id="1251283">VUL-0: CVE-2023-53650: kernel: fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()</issue>
  <issue tracker="bnc" id="1251286">VUL-0: CVE-2023-53668: kernel: ring-buffer: Fix deadloop issue on reading trace_pipe</issue>
  <issue tracker="bnc" id="1251290">VUL-0: CVE-2023-53663: kernel: KVM: nSVM: Check instead of asserting on nested TSC scaling support</issue>
  <issue tracker="bnc" id="1251319">VUL-0: CVE-2023-53657: kernel: ice: Don't tx before switchdev is fully configured</issue>
  <issue tracker="bnc" id="1251321">VUL-0: CVE-2023-53645: kernel: bpf: Make bpf_refcount_acquire fallible for non-owning refs</issue>
  <issue tracker="bnc" id="1251323">VUL-0: CVE-2023-53621: kernel: memcontrol: ensure memcg acquired by id is properly set up</issue>
  <issue tracker="bnc" id="1251328">VUL-0: CVE-2023-53638: kernel: octeon_ep: cancel queued works in probe error path</issue>
  <issue tracker="bnc" id="1251529">VUL-0: CVE-2023-53631: kernel: platform/x86: dell-sysman: Fix reference leak</issue>
  <issue tracker="bnc" id="1251721">VUL-0: CVE-2023-53660: kernel: bpf, cpumap: Handle skb as well when clean up ptr_ring</issue>
  <issue tracker="bnc" id="1251732">VUL-0: CVE-2023-53647: kernel: Drivers: hv: vmbus: Don't dereference ACPI root object handle</issue>
  <issue tracker="bnc" id="1251742">VUL-0: CVE-2023-53646: kernel: drm/i915/perf: add sentinel to xehp_oa_b_counters</issue>
  <issue tracker="bnc" id="1251743">VUL-0: CVE-2023-53619: kernel: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free</issue>
  <issue tracker="bnc" id="1251746">VUL-0: CVE-2023-53633: kernel: accel/qaic: Fix a leak in map_user_pages()</issue>
  <issue tracker="bnc" id="1251748">VUL-0: CVE-2023-53618: kernel: btrfs: reject invalid reloc tree root keys with stack dump</issue>
  <issue tracker="bnc" id="1251749">VUL-0: CVE-2023-53649: kernel: perf trace: Really free the evsel-&gt;priv area</issue>
  <issue tracker="bnc" id="1251750">VUL-0: CVE-2023-53648: kernel: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer</issue>
  <issue tracker="bnc" id="1251754">VUL-0: CVE-2023-53652: kernel: vdpa: Add features attr to vdpa_nl_policy for nlattr length check</issue>
  <issue tracker="bnc" id="1251755">VUL-0: CVE-2023-53653: kernel: media: amphion: fix REVERSE_INULL issues reported by coverity</issue>
  <issue tracker="bnc" id="1251756">VUL-0: CVE-2023-53654: kernel: octeontx2-af: Add validation before accessing cgx and lmac</issue>
  <issue tracker="bnc" id="1251758">VUL-0: CVE-2023-53656: kernel: drivers/perf: hisi: Don't migrate perf to the CPU going to teardown</issue>
  <issue tracker="bnc" id="1251759">VUL-0: CVE-2023-53658: kernel: spi: bcm-qspi: return error if neither hif_mspi nor mspi is available</issue>
  <issue tracker="bnc" id="1251760">VUL-0: CVE-2023-53666: kernel: ASoC: codecs: wcd938x: fix missing mbhc init error handling</issue>
  <issue tracker="bnc" id="1251762">VUL-0: CVE-2023-53670: kernel: nvme-core: fix dev_pm_qos memleak</issue>
  <issue tracker="bnc" id="1251763">VUL-0: CVE-2023-53673: kernel: Bluetooth: hci_event: call disconnect callback before deleting conn</issue>
  <issue tracker="bnc" id="1251764">VUL-0: CVE-2023-53674: kernel: clk: Fix memory leak in devm_clk_notifier_register()</issue>
  <issue tracker="bnc" id="1251769">VUL-0: CVE-2023-53681: kernel: bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent</issue>
  <issue tracker="bnc" id="1251771">VUL-0: CVE-2023-53686: kernel: net/handshake: fix null-ptr-deref in handshake_nl_done_doit()</issue>
  <issue tracker="bnc" id="1251772">VUL-0: CVE-2023-53687: kernel: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk</issue>
  <issue tracker="bnc" id="1251777">VUL-0: CVE-2023-53622: kernel: gfs2: Fix possible data races in gfs2_show_options()</issue>
  <issue tracker="bnc" id="1251780">VUL-0: CVE-2023-53672: kernel: btrfs: output extra debug info if we failed to find an inline backref</issue>
  <issue tracker="bnc" id="1251804">VUL-0: CVE-2025-39955: kernel: tcp: Clear tcp_sk(sk)-&gt;fastopen_rsk in tcp_disconnect().</issue>
  <issue tracker="bnc" id="1251810">VUL-0: CVE-2025-39957: kernel: wifi: mac80211: increase scan_ies_len for S1G</issue>
  <issue tracker="bnc" id="1251930">kernel-default-base fails to load after patch with SUSE-SLE-Product-SLES-15-SP2-LTSS-TERADATA-2025-41034</issue>
  <issue tracker="bnc" id="1251967">VUL-0: CVE-2025-39965: kernel: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI</issue>
  <issue tracker="bnc" id="1252033">VUL-0: CVE-2025-39967: kernel: fbcon: fix integer overflow in fbcon_do_set_font</issue>
  <issue tracker="bnc" id="1252035">VUL-0: CVE-2025-39973: kernel: i40e: add validation for ring_len param</issue>
  <issue tracker="bnc" id="1252039">VUL-0: CVE-2025-39972: kernel: i40e: fix idx validation in i40e_validate_queue_map</issue>
  <issue tracker="bnc" id="1252044">VUL-0: CVE-2025-39969: kernel: i40e: fix validation of VF state in get resources</issue>
  <issue tracker="bnc" id="1252047">VUL-0: CVE-2025-39968: kernel: i40e: add max boundary check for VF filters</issue>
  <issue tracker="bnc" id="1252051">VUL-0: CVE-2025-39970: kernel: i40e: fix input validation logic for action_meta</issue>
  <issue tracker="bnc" id="1252052">VUL-0: CVE-2025-39971: kernel: i40e: fix idx validation in config queues msg</issue>
  <issue tracker="bnc" id="1252056">VUL-0: CVE-2025-39997: kernel: ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free</issue>
  <issue tracker="bnc" id="1252060">VUL-0: CVE-2025-39981: kernel: Bluetooth: MGMT: Fix possible UAFs</issue>
  <issue tracker="bnc" id="1252062">VUL-0: CVE-2025-40000: kernel: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()</issue>
  <issue tracker="bnc" id="1252064">VUL-0: CVE-2025-39995: kernel: media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe</issue>
  <issue tracker="bnc" id="1252065">VUL-0: CVE-2025-39996: kernel: media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove</issue>
  <issue tracker="bnc" id="1252069">VUL-0: CVE-2025-39978: kernel: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow()</issue>
  <issue tracker="bnc" id="1252070">VUL-0: CVE-2025-39993: kernel: media: rc: fix races with imon_disconnect()</issue>
  <issue tracker="bnc" id="1252072">VUL-0: CVE-2025-39994: kernel: media: tuner: xc5000: Fix use-after-free in xc5000_release</issue>
  <issue tracker="bnc" id="1252074">VUL-0: CVE-2025-39988: kernel: can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow</issue>
  <issue tracker="bnc" id="1252075">VUL-0: CVE-2025-39991: kernel: wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()</issue>
  <issue tracker="bnc" id="1252078">VUL-0: CVE-2025-39986: kernel: can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow</issue>
  <issue tracker="bnc" id="1252079">VUL-0: CVE-2025-39987: kernel: can: hi311x: populate ndo_change_mtu() to prevent buffer overflow</issue>
  <issue tracker="bnc" id="1252082">VUL-0: CVE-2025-39985: kernel: can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow</issue>
  <issue tracker="bnc" id="1252083">VUL-0: CVE-2025-39982: kernel: Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync</issue>
  <issue tracker="bnc" id="1252236">Customer request for fix for CVE-2025-39697</issue>
  <issue tracker="bnc" id="1252265">[SUSE][netvsc][Backport] net: hv_netvsc: fix loss of early receive events from host during channel open.</issue>
  <issue tracker="bnc" id="1252332">VUL-0: CVE-2025-40010: kernel: afs: Fix potential null pointer dereference in afs_put_server</issue>
  <issue tracker="bnc" id="1252336">VUL-0: CVE-2025-40011: kernel: drm/gma500: Fix null dereference in hdmi teardown</issue>
  <issue tracker="bnc" id="1252346">VUL-0: CVE-2025-40016: kernel: media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID</issue>
  <issue tracker="bnc" id="1252348">VUL-0: CVE-2025-40013: kernel: ASoC: qcom: audioreach: fix potential null pointer dereference</issue>
  <issue tracker="bnc" id="1252349">VUL-0: CVE-2025-40005: kernel: spi: cadence-quadspi: Implement refcount to handle unbind during busy</issue>
  <issue tracker="bnc" id="1252364">selftests: bpf: test_progs: ns_current_pid_tgid/new_ns_cgrp: Child process exits unexpectedly</issue>
  <issue tracker="bnc" id="1252479">VUL-0: CVE-2023-53698: kernel: xsk: fix refcount underflow in error path</issue>
  <issue tracker="bnc" id="1252481">VUL-0: CVE-2023-53731: kernel: netlink: fix potential deadlock in netlink_set_err()</issue>
  <issue tracker="bnc" id="1252489">VUL-0: CVE-2023-53693: kernel: USB: gadget: Fix the memory leak in raw_gadget driver</issue>
  <issue tracker="bnc" id="1252490">VUL-0: CVE-2023-53704: kernel: clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()</issue>
  <issue tracker="bnc" id="1252492">VUL-0: CVE-2023-53725: kernel: clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe</issue>
  <issue tracker="bnc" id="1252495">VUL-0: CVE-2023-53730: kernel: blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost</issue>
  <issue tracker="bnc" id="1252496">VUL-0: CVE-2023-53729: kernel: soc: qcom: qmi_encdec: Restrict string length in decode</issue>
  <issue tracker="bnc" id="1252499">VUL-0: CVE-2023-53722: kernel: md: raid1: fix potential OOB in raid1_remove_disk()</issue>
  <issue tracker="bnc" id="1252534">VUL-0: CVE-2023-53697: kernel: nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu()</issue>
  <issue tracker="bnc" id="1252536">VUL-0: CVE-2023-53711: kernel: NFS: Fix a potential data corruption</issue>
  <issue tracker="bnc" id="1252537">VUL-0: CVE-2023-53708: kernel: ACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects</issue>
  <issue tracker="bnc" id="1252550">VUL-0: CVE-2023-53699: kernel: riscv: move memblock_allow_resize() after linear mapping is ready</issue>
  <issue tracker="bnc" id="1252553">VUL-0: CVE-2023-53703: kernel: HID: amd_sfh: Fix for shift-out-of-bounds</issue>
  <issue tracker="bnc" id="1252559">VUL-0: CVE-2023-53713: kernel: arm64: sme: Use STR P to clear FFR context field in streaming SVE mode</issue>
  <issue tracker="bnc" id="1252561">VUL-0: CVE-2023-53721: kernel: wifi: ath12k: Fix a NULL pointer dereference in ath12k_mac_op_hw_scan()</issue>
  <issue tracker="bnc" id="1252564">VUL-0: CVE-2023-53718: kernel: ring-buffer: Do not swap cpu_buffer during resize process</issue>
  <issue tracker="bnc" id="1252565">VUL-0: CVE-2023-53726: kernel: arm64: csum: Fix OoB access in IP checksum code for negative lengths</issue>
  <issue tracker="bnc" id="1252566">VUL-0: CVE-2023-53727: kernel: net/sched: fq_pie: avoid stalls in fq_pie_timer()</issue>
  <issue tracker="bnc" id="1252632">VUL-0: CVE-2023-53707: kernel: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1</issue>
  <issue tracker="bnc" id="1252668">VUL-0: CVE-2023-53728: kernel: posix-timers: Ensure timer ID search-loop limit is valid</issue>
  <issue tracker="bnc" id="1252678">VUL-0: CVE-2025-40019: kernel: crypto: essiv - Check ssize for decryption and in-place encryption</issue>
  <issue tracker="bnc" id="1252679">VUL-0: CVE-2025-40020: kernel: can: peak_usb: fix shift-out-of-bounds issue</issue>
  <issue tracker="bnc" id="1252685">VUL-0: CVE-2023-53733: kernel: net: sched: cls_u32: Undo tcf_bind_filter if u32_replace_hw_knode</issue>
  <issue tracker="bnc" id="1252688">VUL-0: CVE-2025-40018: kernel: ipvs: Defer ip_vs_ftp unregister during netns cleanup</issue>
  <issue tracker="bnc" id="1252772">VUL-0: CVE-2025-40029: kernel: bus: fsl-mc: Check return value of platform_get_resource()</issue>
  <issue tracker="bnc" id="1252774">VUL-0: CVE-2025-40080: kernel: nbd: restrict sockets to TCP and UDP</issue>
  <issue tracker="bnc" id="1252775">VUL-0: CVE-2025-40082: kernel: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()</issue>
  <issue tracker="bnc" id="1252785">VUL-0: CVE-2025-40044: kernel: fs: udf: fix OOB read in lengthAllocDescs handling</issue>
  <issue tracker="bnc" id="1252787">VUL-0: CVE-2025-40043: kernel: net: nfc: nci: Add parameter validation for packet data</issue>
  <issue tracker="bnc" id="1252789">VUL-0: CVE-2025-40078: kernel: bpf: Explicitly check accesses to bpf_sock_addr</issue>
  <issue tracker="bnc" id="1252797">VUL-0: CVE-2025-40071: kernel: tty: n_gsm: Don't block input queue by waiting MSC</issue>
  <issue tracker="bnc" id="1252822">VUL-0: CVE-2025-40049: kernel: Squashfs: fix uninit-value in squashfs_get_parent</issue>
  <issue tracker="bnc" id="1252826">VUL-0: CVE-2025-40056: kernel: vhost: vringh: Fix copy_to_iter return value check</issue>
  <issue tracker="bnc" id="1252841">VUL-0: CVE-2025-40032: kernel: PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release</issue>
  <issue tracker="bnc" id="1252848">VUL-0: CVE-2025-40060: kernel: coresight: trbe: Return NULL pointer for allocation failures</issue>
  <issue tracker="bnc" id="1252849">VUL-0: CVE-2025-40061: kernel: RDMA/rxe: Fix race in do_task() when draining</issue>
  <issue tracker="bnc" id="1252850">VUL-0: CVE-2025-40062: kernel: crypto: hisilicon/qm - set NULL to qm-&gt;debug.qm_diff_regs</issue>
  <issue tracker="bnc" id="1252851">VUL-0: CVE-2025-40052: kernel: smb: client: fix crypto buffers in non-linear memory</issue>
  <issue tracker="bnc" id="1252854">VUL-0: CVE-2025-40058: kernel: iommu/vt-d: Disallow dirty tracking if incoherent page walk</issue>
  <issue tracker="bnc" id="1252858">VUL-0: CVE-2025-40051: kernel: vhost: vringh: Modify the return value check</issue>
  <issue tracker="bnc" id="1252865">VUL-0: CVE-2025-40036: kernel: misc: fastrpc: fix possible map leak in fastrpc_put_args</issue>
  <issue tracker="bnc" id="1252866">VUL-0: CVE-2025-40035: kernel: Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak</issue>
  <issue tracker="bnc" id="1252873">VUL-0: CVE-2025-40085: kernel: ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card</issue>
  <issue tracker="bnc" id="1252902">VUL-0: CVE-2025-40096: kernel: drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies</issue>
  <issue tracker="bnc" id="1252904">VUL-0: CVE-2025-40088: kernel: hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp()</issue>
  <issue tracker="bnc" id="1252909">VUL-0: CVE-2025-40087: kernel: NFSD: Define a proc_layoutcommit for the FlexFiles layout type</issue>
  <issue tracker="bnc" id="1252918">VUL-0: CVE-2025-40100: kernel: btrfs: do not assert we found block group item when creating free space tree</issue>
  <issue tracker="bnc" id="1252939">kdb: Replace deprecated strcpy() with memmove() in vkdb_printf()</issue>
  <issue tracker="cve" id="2023-53538"/>
  <issue tracker="cve" id="2023-53539"/>
  <issue tracker="cve" id="2023-53540"/>
  <issue tracker="cve" id="2023-53541"/>
  <issue tracker="cve" id="2023-53543"/>
  <issue tracker="cve" id="2023-53545"/>
  <issue tracker="cve" id="2023-53546"/>
  <issue tracker="cve" id="2023-53548"/>
  <issue tracker="cve" id="2023-53550"/>
  <issue tracker="cve" id="2023-53552"/>
  <issue tracker="cve" id="2023-53553"/>
  <issue tracker="cve" id="2023-53554"/>
  <issue tracker="cve" id="2023-53555"/>
  <issue tracker="cve" id="2023-53556"/>
  <issue tracker="cve" id="2023-53557"/>
  <issue tracker="cve" id="2023-53558"/>
  <issue tracker="cve" id="2023-53559"/>
  <issue tracker="cve" id="2023-53560"/>
  <issue tracker="cve" id="2023-53563"/>
  <issue tracker="cve" id="2023-53568"/>
  <issue tracker="cve" id="2023-53570"/>
  <issue tracker="cve" id="2023-53572"/>
  <issue tracker="cve" id="2023-53574"/>
  <issue tracker="cve" id="2023-53575"/>
  <issue tracker="cve" id="2023-53577"/>
  <issue tracker="cve" id="2023-53579"/>
  <issue tracker="cve" id="2023-53580"/>
  <issue tracker="cve" id="2023-53581"/>
  <issue tracker="cve" id="2023-53583"/>
  <issue tracker="cve" id="2023-53585"/>
  <issue tracker="cve" id="2023-53588"/>
  <issue tracker="cve" id="2023-53593"/>
  <issue tracker="cve" id="2023-53596"/>
  <issue tracker="cve" id="2023-53597"/>
  <issue tracker="cve" id="2023-53599"/>
  <issue tracker="cve" id="2023-53600"/>
  <issue tracker="cve" id="2023-53601"/>
  <issue tracker="cve" id="2023-53602"/>
  <issue tracker="cve" id="2023-53603"/>
  <issue tracker="cve" id="2023-53611"/>
  <issue tracker="cve" id="2023-53613"/>
  <issue tracker="cve" id="2023-53615"/>
  <issue tracker="cve" id="2023-53616"/>
  <issue tracker="cve" id="2023-53617"/>
  <issue tracker="cve" id="2023-53618"/>
  <issue tracker="cve" id="2023-53619"/>
  <issue tracker="cve" id="2023-53621"/>
  <issue tracker="cve" id="2023-53622"/>
  <issue tracker="cve" id="2023-53631"/>
  <issue tracker="cve" id="2023-53632"/>
  <issue tracker="cve" id="2023-53633"/>
  <issue tracker="cve" id="2023-53638"/>
  <issue tracker="cve" id="2023-53645"/>
  <issue tracker="cve" id="2023-53646"/>
  <issue tracker="cve" id="2023-53647"/>
  <issue tracker="cve" id="2023-53648"/>
  <issue tracker="cve" id="2023-53649"/>
  <issue tracker="cve" id="2023-53650"/>
  <issue tracker="cve" id="2023-53652"/>
  <issue tracker="cve" id="2023-53653"/>
  <issue tracker="cve" id="2023-53654"/>
  <issue tracker="cve" id="2023-53656"/>
  <issue tracker="cve" id="2023-53657"/>
  <issue tracker="cve" id="2023-53658"/>
  <issue tracker="cve" id="2023-53659"/>
  <issue tracker="cve" id="2023-53660"/>
  <issue tracker="cve" id="2023-53662"/>
  <issue tracker="cve" id="2023-53663"/>
  <issue tracker="cve" id="2023-53665"/>
  <issue tracker="cve" id="2023-53666"/>
  <issue tracker="cve" id="2023-53668"/>
  <issue tracker="cve" id="2023-53670"/>
  <issue tracker="cve" id="2023-53672"/>
  <issue tracker="cve" id="2023-53673"/>
  <issue tracker="cve" id="2023-53674"/>
  <issue tracker="cve" id="2023-53681"/>
  <issue tracker="cve" id="2023-53686"/>
  <issue tracker="cve" id="2023-53687"/>
  <issue tracker="cve" id="2023-53693"/>
  <issue tracker="cve" id="2023-53697"/>
  <issue tracker="cve" id="2023-53698"/>
  <issue tracker="cve" id="2023-53699"/>
  <issue tracker="cve" id="2023-53703"/>
  <issue tracker="cve" id="2023-53704"/>
  <issue tracker="cve" id="2023-53707"/>
  <issue tracker="cve" id="2023-53708"/>
  <issue tracker="cve" id="2023-53711"/>
  <issue tracker="cve" id="2023-53713"/>
  <issue tracker="cve" id="2023-53718"/>
  <issue tracker="cve" id="2023-53721"/>
  <issue tracker="cve" id="2023-53722"/>
  <issue tracker="cve" id="2023-53725"/>
  <issue tracker="cve" id="2023-53726"/>
  <issue tracker="cve" id="2023-53727"/>
  <issue tracker="cve" id="2023-53728"/>
  <issue tracker="cve" id="2023-53729"/>
  <issue tracker="cve" id="2023-53730"/>
  <issue tracker="cve" id="2023-53731"/>
  <issue tracker="cve" id="2023-53733"/>
  <issue tracker="cve" id="2025-38008"/>
  <issue tracker="cve" id="2025-38539"/>
  <issue tracker="cve" id="2025-38552"/>
  <issue tracker="cve" id="2025-38653"/>
  <issue tracker="cve" id="2025-38699"/>
  <issue tracker="cve" id="2025-38700"/>
  <issue tracker="cve" id="2025-38718"/>
  <issue tracker="cve" id="2025-39673"/>
  <issue tracker="cve" id="2025-39676"/>
  <issue tracker="cve" id="2025-39683"/>
  <issue tracker="cve" id="2025-39697"/>
  <issue tracker="cve" id="2025-39702"/>
  <issue tracker="cve" id="2025-39756"/>
  <issue tracker="cve" id="2025-39794"/>
  <issue tracker="cve" id="2025-39797"/>
  <issue tracker="cve" id="2025-39812"/>
  <issue tracker="cve" id="2025-39813"/>
  <issue tracker="cve" id="2025-39841"/>
  <issue tracker="cve" id="2025-39851"/>
  <issue tracker="cve" id="2025-39866"/>
  <issue tracker="cve" id="2025-39876"/>
  <issue tracker="cve" id="2025-39881"/>
  <issue tracker="cve" id="2025-39895"/>
  <issue tracker="cve" id="2025-39902"/>
  <issue tracker="cve" id="2025-39911"/>
  <issue tracker="cve" id="2025-39931"/>
  <issue tracker="cve" id="2025-39934"/>
  <issue tracker="cve" id="2025-39937"/>
  <issue tracker="cve" id="2025-39938"/>
  <issue tracker="cve" id="2025-39945"/>
  <issue tracker="cve" id="2025-39946"/>
  <issue tracker="cve" id="2025-39947"/>
  <issue tracker="cve" id="2025-39948"/>
  <issue tracker="cve" id="2025-39949"/>
  <issue tracker="cve" id="2025-39952"/>
  <issue tracker="cve" id="2025-39955"/>
  <issue tracker="cve" id="2025-39957"/>
  <issue tracker="cve" id="2025-39965"/>
  <issue tracker="cve" id="2025-39967"/>
  <issue tracker="cve" id="2025-39968"/>
  <issue tracker="cve" id="2025-39969"/>
  <issue tracker="cve" id="2025-39970"/>
  <issue tracker="cve" id="2025-39971"/>
  <issue tracker="cve" id="2025-39972"/>
  <issue tracker="cve" id="2025-39973"/>
  <issue tracker="cve" id="2025-39978"/>
  <issue tracker="cve" id="2025-39981"/>
  <issue tracker="cve" id="2025-39982"/>
  <issue tracker="cve" id="2025-39985"/>
  <issue tracker="cve" id="2025-39986"/>
  <issue tracker="cve" id="2025-39987"/>
  <issue tracker="cve" id="2025-39988"/>
  <issue tracker="cve" id="2025-39991"/>
  <issue tracker="cve" id="2025-39993"/>
  <issue tracker="cve" id="2025-39994"/>
  <issue tracker="cve" id="2025-39995"/>
  <issue tracker="cve" id="2025-39996"/>
  <issue tracker="cve" id="2025-39997"/>
  <issue tracker="cve" id="2025-40000"/>
  <issue tracker="cve" id="2025-40005"/>
  <issue tracker="cve" id="2025-40010"/>
  <issue tracker="cve" id="2025-40011"/>
  <issue tracker="cve" id="2025-40013"/>
  <issue tracker="cve" id="2025-40016"/>
  <issue tracker="cve" id="2025-40018"/>
  <issue tracker="cve" id="2025-40019"/>
  <issue tracker="cve" id="2025-40020"/>
  <issue tracker="cve" id="2025-40029"/>
  <issue tracker="cve" id="2025-40032"/>
  <issue tracker="cve" id="2025-40035"/>
  <issue tracker="cve" id="2025-40036"/>
  <issue tracker="cve" id="2025-40043"/>
  <issue tracker="cve" id="2025-40044"/>
  <issue tracker="cve" id="2025-40049"/>
  <issue tracker="cve" id="2025-40051"/>
  <issue tracker="cve" id="2025-40052"/>
  <issue tracker="cve" id="2025-40056"/>
  <issue tracker="cve" id="2025-40058"/>
  <issue tracker="cve" id="2025-40060"/>
  <issue tracker="cve" id="2025-40061"/>
  <issue tracker="cve" id="2025-40062"/>
  <issue tracker="cve" id="2025-40071"/>
  <issue tracker="cve" id="2025-40078"/>
  <issue tracker="cve" id="2025-40080"/>
  <issue tracker="cve" id="2025-40082"/>
  <issue tracker="cve" id="2025-40085"/>
  <issue tracker="cve" id="2025-40087"/>
  <issue tracker="cve" id="2025-40088"/>
  <issue tracker="cve" id="2025-40096"/>
  <issue tracker="cve" id="2025-40100"/>
  <issue tracker="jsc" id="PED-3527"/>
  <issue tracker="jsc" id="PED-4593"/>
  <issue tracker="jsc" id="PED-4876"/>
  <issue tracker="jsc" id="PED-5065"/>
  <issue tracker="jsc" id="PED-5475"/>
  <issue tracker="jsc" id="PED-5477"/>
  <issue tracker="jsc" id="PED-5511"/>
  <issue tracker="jsc" id="PED-5853"/>
  <issue tracker="jsc" id="PED-6012"/>
  <issue tracker="jsc" id="PED-6041"/>
  <issue tracker="jsc" id="PED-6054"/>
  <issue tracker="jsc" id="PED-6068"/>
  <issue tracker="jsc" id="PED-6069"/>
  <issue tracker="jsc" id="PED-6070"/>
  <issue tracker="jsc" id="PED-6071"/>
  <issue tracker="jsc" id="PED-6116"/>
  <issue tracker="jsc" id="PED-6120"/>
  <issue tracker="jsc" id="PED-6121"/>
  <issue tracker="jsc" id="PED-6811"/>
  <issue tracker="jsc" id="PED-7542"/>
  <category>security</category>
  <rating>important</rating>
  <packager>olh</packager>
  <reboot_needed/>
  <summary>Security update for the Linux Kernel</summary>
  <description>
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to fix various security issues

The following security issues were fixed:

- CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939).
- CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister notifier (bsc#1248211).
- CVE-2025-38552: mptcp: plug races between subflow fail and subflow creation (bsc#1248230).
- CVE-2025-38653: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (bsc#1248630).
- CVE-2025-38699: scsi: bfa: Double-free fix (bsc#1249224).
- CVE-2025-38700: scsi: libiscsi: Initialize iscsi_conn-&gt;dd_data only if memory is allocated (bsc#1249182).
- CVE-2025-38718: sctp: linearize cloned gso packets in sctp_rcv (bsc#1249161).
- CVE-2025-39673: ppp: fix race conditions in ppp_fill_forward_path (bsc#1249320).
- CVE-2025-39676: scsi: qla4xxx: Prevent a potential error pointer dereference (bsc#1249302).
- CVE-2025-39683: tracing: Limit access to parser-&gt;buffer when trace_get_user failed (bsc#1249286).
- CVE-2025-39697: nfs: remove dead code for the old swap over NFS implementation (bsc#1249319).
- CVE-2025-39702: ipv6: sr: Fix MAC comparison to be constant-time (bsc#1249317).
- CVE-2025-39756: fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512).
- CVE-2025-39794: ARM: tegra: Use I/O memcpy to write to IRAM (bsc#1249595).
- CVE-2025-39812: sctp: initialize more fields in sctp_v6_from_sk() (bsc#1250202).
- CVE-2025-39813: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump (bsc#1250032).
- CVE-2025-39851: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (bsc#1250296).
- CVE-2025-39866: fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455).
- CVE-2025-39876: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (bsc#1250400).
- CVE-2025-39881: kernfs: Fix UAF in polling when open file is released (bsc#1250379).
- CVE-2025-39895: sched: Fix sched_numa_find_nth_cpu() if mask offline (bsc#1250721).
- CVE-2025-39902: mm/slub: avoid accessing metadata when pointer is invalid in object_err() (bsc#1250702).
- CVE-2025-39911: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (bsc#1250704).
- CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
- CVE-2025-39946: tls: make sure to abort the stream if headers are bogus (bsc#1251114).
- CVE-2025-39947: net/mlx5e: Harden uplink netdev access against device unbind (bsc#1251232).
- CVE-2025-39948: ice: fix Rx page leak on multi-buffer frames (bsc#1251233).
- CVE-2025-39949: qed: Don't collect too many protection override GRC elements (bsc#1251177).
- CVE-2025-39955: tcp: Clear tcp_sk(sk)-&gt;fastopen_rsk in tcp_disconnect() (bsc#1251804).
- CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
- CVE-2025-39969: i40e: fix validation of VF state in get resources (bsc#1252044).
- CVE-2025-39970: i40e: fix input validation logic for action_meta (bsc#1252051).
- CVE-2025-39971: i40e: fix idx validation in config queues msg (bsc#1252052).
- CVE-2025-39972: i40e: fix idx validation in i40e_validate_queue_map (bsc#1252039).
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
- CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).
- CVE-2025-40000: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (bsc#1252062).
- CVE-2025-40005: spi: cadence-quadspi: Implement refcount to handle unbind during busy (bsc#1252349).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
- CVE-2025-40051: vhost: vringh: Modify the return value check (bsc#1252858).
- CVE-2025-40056: vhost: vringh: Fix copy_to_iter return value check (bsc#1252826).
- CVE-2025-40060: coresight: trbe: Return NULL pointer for allocation failures (bsc#1252848).
- CVE-2025-40078: bpf: Explicitly check accesses to bpf_sock_addr (bsc#1252789).
- CVE-2025-40080: nbd: restrict sockets to TCP and UDP (bsc#1252774).
- CVE-2025-40100: btrfs: do not assert we found block group item when creating free space tree (bsc#1252918).

The following non security issues were fixed:

- ACPI: battery: Add synchronization between interface updates (git-fixes).
- KVM: PPC: Fix misleading interrupts comment in kvmppc_prepare_to_enter() (bsc#1215199).
- KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update() (git-fixes).
- KVM: x86: Process "guest stopped request" once per guest time update (git-fixes).
- bpf: Allow helper bpf_get_[ns_]current_pid_tgid() for all prog types (bsc#1252364).
- cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (stable-fixes git-fixes).
- drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes).
- ext4: fix checks for orphan inodes (bsc#1250119).
- hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (git-fixes).
- kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939).
- module: Prevent silent truncation of module name in delete_module(2) (git-fixes).
- net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754).
- netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237).
- perf/x86/intel: Allow to update user space GPRs from PEBS records (git-fixes).
- perf/x86/intel: Fix crash in icl_update_topdown_event() (git-fixes).
- phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes).
- powerpc/boot: Fix build with gcc 15 (bsc#1215199).
- powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199).
- powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199).
- powerpc/pseries/msi: Fix potential underflow and leak issue (bsc#1215199).
- powerpc: floppy: Add missing checks after DMA map (bsc#1215199).
- proc: fix missing pde_set_flags() for net proc files (bsc#1248630)
- proc: fix type confusion in pde_set_flags() (bsc#1248630)
- sched/idle: Conditionally handle tick broadcast in default_idle_call() (bsc#1248517).
- skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650).
- smb: client: fix crypto buffers in non-linear memory (bsc#1250491, bsc#1239206).
- smb: client: fix potential cfid UAF in smb2_query_info_compound (bsc#1248886).
- tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).
- tracing: Remove unneeded goto out logic (bsc#1249286).
- x86/idle: Sanitize X86_BUG_AMD_E400 handling (bsc#1248517).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places