Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2025:0564-1
Release Date:	2025-02-17T13:26:35Z
Rating:	important
References:	bsc#1215199 bsc#1222803 bsc#1224049 bsc#1226980 bsc#1227937 bsc#1231088 bsc#1232101 bsc#1232161 bsc#1233028 bsc#1233221 bsc#1233248 bsc#1233522 bsc#1233778 bsc#1234070 bsc#1234683 bsc#1234693 bsc#1234947 bsc#1235001 bsc#1235217 bsc#1235230 bsc#1235244 bsc#1235390 bsc#1235418 bsc#1235430 bsc#1235441 bsc#1235485 bsc#1235487 bsc#1235489 bsc#1235498 bsc#1235545 bsc#1235578 bsc#1235582 bsc#1235583 bsc#1235612 bsc#1235638 bsc#1235656 bsc#1235686 bsc#1235865 bsc#1235874 bsc#1235914 bsc#1235941 bsc#1235948 bsc#1236127 bsc#1236160 bsc#1236161 bsc#1236163 bsc#1236182 bsc#1236192 bsc#1236245 bsc#1236247 bsc#1236260 bsc#1236262 bsc#1236628 bsc#1236680 bsc#1236681 bsc#1236682 bsc#1236683 bsc#1236684 bsc#1236685 bsc#1236688 bsc#1236689 bsc#1236694 bsc#1236696 bsc#1236698 bsc#1236702 bsc#1236703 bsc#1236732 bsc#1236733 bsc#1236757 bsc#1236758 bsc#1236759 bsc#1236760 bsc#1236761 jsc#PED-12094 jsc#PED-7242
Cross-References:	CVE-2024-40980 CVE-2024-46858 CVE-2024-49948 CVE-2024-49978 CVE-2024-50142 CVE-2024-50251 CVE-2024-50258 CVE-2024-50304 CVE-2024-53123 CVE-2024-53187 CVE-2024-53203 CVE-2024-56592 CVE-2024-56600 CVE-2024-56601 CVE-2024-56608 CVE-2024-56610 CVE-2024-56633 CVE-2024-56650 CVE-2024-56658 CVE-2024-56665 CVE-2024-56679 CVE-2024-56693 CVE-2024-56707 CVE-2024-56715 CVE-2024-56725 CVE-2024-56726 CVE-2024-56727 CVE-2024-56728 CVE-2024-56763 CVE-2024-57802 CVE-2024-57882 CVE-2024-57884 CVE-2024-57917 CVE-2024-57931 CVE-2024-57938 CVE-2024-57946 CVE-2025-21652 CVE-2025-21653 CVE-2025-21655 CVE-2025-21663 CVE-2025-21664 CVE-2025-21665 CVE-2025-21666 CVE-2025-21667 CVE-2025-21668 CVE-2025-21669 CVE-2025-21670 CVE-2025-21673 CVE-2025-21674 CVE-2025-21675 CVE-2025-21676 CVE-2025-21678 CVE-2025-21681 CVE-2025-21682
CVSS scores:	CVE-2024-40980 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-40980 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-46858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-46858 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-49948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-49948 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-49978 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-49978 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-50142 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-50142 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H CVE-2024-50142 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-50251 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-50251 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-50251 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-50258 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-50258 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-50258 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-50304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-50304 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-53123 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-53123 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-53187 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N CVE-2024-53187 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L CVE-2024-53187 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-53203 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2024-53203 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2024-53203 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56592 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-56592 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56600 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-56600 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56601 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-56601 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56601 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56601 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56608 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-56608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56608 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56610 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-56610 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56633 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-56633 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2024-56658 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-56658 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56665 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-56665 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56665 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56679 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-56679 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56693 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-56693 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56693 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-56707 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-56707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56715 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-56715 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56715 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56725 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-56725 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56725 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56726 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-56726 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56726 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56727 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-56727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56727 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56728 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-56728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56728 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56763 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-56763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-56763 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-57802 ( SUSE ): 2.1 CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N CVE-2024-57802 ( SUSE ): 4.6 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L CVE-2024-57802 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-57882 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-57882 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVE-2024-57882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-57884 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-57884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-57917 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-57917 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2024-57931 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-57931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-57938 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-57938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-57938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-57946 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-57946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21652 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-21652 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2025-21652 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-21652 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2025-21653 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N CVE-2025-21653 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVE-2025-21655 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21655 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21663 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21664 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21664 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21665 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21665 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21665 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21666 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21666 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21666 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21667 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21667 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21668 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-21668 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2025-21669 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21669 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21669 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21670 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21670 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21673 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-21673 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H CVE-2025-21673 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21674 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21674 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21674 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21675 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21675 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21676 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21676 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21676 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21678 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21678 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21681 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H CVE-2025-21681 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2025-21682 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2025-21682 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2025-21682 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:	Confidential Computing Module 15-SP6 SUSE Linux Enterprise Server 15 SP6 SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves 54 vulnerabilities, contains two features and has 19 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937).
• CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
• CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init() (bsc#1232161).
• CVE-2024-49978: gso: fix udp gso fraglist segmentation after pull from frag_list (bsc#1232101).
• CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028).
• CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).
• CVE-2024-50258: net: fix crash when config small gso_max_size/gso_ipv4_max_size (bsc#1233221).
• CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).
• CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).
• CVE-2024-53187: io_uring: check for overflows in io_pin_pages (bsc#1234947).
• CVE-2024-53203: usb: typec: fix potential array underflow in ucsi_ccg_sync_control() (bsc#1235001).
• CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket() (bsc#1235244).
• CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217).
• CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230).
• CVE-2024-56608: drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' (bsc#1235487).
• CVE-2024-56610: kcsan: Turn report_filterlist_lock into a raw_spinlock (bsc#1235390).
• CVE-2024-56633: tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg (bsc#1235485).
• CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430).
• CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
• CVE-2024-56665: bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog (bsc#1235489).
• CVE-2024-56679: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_common.c (bsc#1235498).
• CVE-2024-56693: brd: defer automatic disk creation until module initialization succeeds (bsc#1235418).
• CVE-2024-56707: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c (bsc#1235545).
• CVE-2024-56715: ionic: Fix netdev notifier unregister on failure (bsc#1235612).
• CVE-2024-56725: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dcbnl.c (bsc#1235578).
• CVE-2024-56726: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c (bsc#1235582).
• CVE-2024-56727: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_flows.c (bsc#1235583).
• CVE-2024-56728: octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_ethtool.c (bsc#1235656).
• CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write (bsc#1235638).
• CVE-2024-57802: netrom: check buffer length before accessing it (bsc#1235941).
• CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
• CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (bsc#1235948).
• CVE-2024-57917: topology: Keep the cpumask unchanged when printing cpumap (bsc#1236127).
• CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
• CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in sctp_association_init() (bsc#1236182).
• CVE-2024-57946: virtio-blk: do not keep queue frozen during system suspend (bsc#1236247).
• CVE-2025-21652: ipvlan: Fix use-after-free in ipvlan_get_iflink() (bsc#1236160).
• CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (bsc#1236161).
• CVE-2025-21655: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period (bsc#1236163).
• CVE-2025-21663: net: stmmac: dwmac-tegra: Read iommu stream id from device tree (bsc#1236260).
• CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first function (bsc#1236262).
• CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684).
• CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (bsc#1236680).
• CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681).
• CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682).
• CVE-2025-21669: vsock/virtio: discard packets if the transport changes (bsc#1236683).
• CVE-2025-21670: vsock/bpf: return early if transport is not assigned (bsc#1236685).
• CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689).
• CVE-2025-21674: net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel (bsc#1236688).
• CVE-2025-21675: net/mlx5: Clear port select structure when fail to create (bsc#1236694).
• CVE-2025-21676: net: fec: handle page_pool_dev_alloc_pages error (bsc#1236696).
• CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle (bsc#1236698).
• CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702).
• CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing, fix null-deref (bsc#1236703).

The following non-security bugs were fixed:

• ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).
• ACPI: fan: cleanup resources in the error path of .probe() (git-fixes).
• ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes).
• ACPI: resource: acpi_dev_irq_override(): Check DMI match last (stable-fixes).
• ALSA: hda/realtek - Fixed headphone distorted sound on Acer Aspire A115-31 laptop (git-fixes).
• ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx (stable-fixes).
• ALSA: hda/realtek: Enable headset mic on Positivo C6400 (stable-fixes).
• ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro 7130 (bsc#1235686).
• ALSA: hda: Fix headset detection failure due to unstable sort (git-fixes).
• ALSA: seq: Make dependency on UMP clearer (git-fixes).
• ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT (stable-fixes).
• ALSA: usb-audio: Add delay quirk for USB Audio Device (stable-fixes).
• ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (stable-fixes).
• ASoC: Intel: avs: Abstract IPC handling (stable-fixes).
• ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).
• ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
• ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).
• ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
• ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback (git-fixes).
• ASoC: samsung: Add missing depends on I2C (git-fixes).
• ASoC: samsung: Add missing selects for MFD_WM8994 (stable-fixes).
• ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
• ASoC: wm8994: Add depends on MFD core (stable-fixes).
• Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection (git-fixes).
• Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (git-fixes).
• Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming (git-fixes).
• EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
• HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (git-fixes).
• HID: fix generic desktop D-Pad controls (git-fixes).
• HID: hid-sensor-hub: do not use stale platform-data on remove (git-fixes).
• HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check (git-fixes).
• HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
• Input: atkbd - map F23 key to support default copilot shortcut (stable-fixes).
• Input: bbnsm_pwrkey - add remove hook (git-fixes).
• Input: davinci-keyscan - remove leftover header (git-fixes).
• Input: xpad - add QH Electronics VID/PID (stable-fixes).
• Input: xpad - add support for Nacon Evol-X Xbox One Controller (stable-fixes).
• Input: xpad - add support for Nacon Pro Compact (stable-fixes).
• Input: xpad - add support for wooting two he (arm) (stable-fixes).
• Input: xpad - add unofficial Xbox 360 wireless receiver clone (stable-fixes).
• Input: xpad - improve name of 8BitDo controller 2dc8:3106 (stable-fixes).
• KVM: Allow page-sized MMU caches to be initialized with custom 64-bit values (jsc#PED-6143).
• KVM: x86/mmu: Add Suppress VE bit to EPT shadow_mmio_mask/shadow_present_mask (jsc#PED-6143).
• KVM: x86/mmu: Allow non-zero value for non-present SPTE and removed SPTE (jsc#PED-6143).
• KVM: x86/mmu: Replace hardcoded value 0 for the initial value for SPTE (jsc#PED-6143).
• KVM: x86/mmu: Track shadow MMIO value on a per-VM basis (jsc#PED-6143).
• NFC: nci: Add bounds checking in nci_hci_create_pipe() (git-fixes).
• NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
• NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
• PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 (git-fixes).
• PCI: dwc: Always stop link in the dw_pcie_suspend_noirq (git-fixes).
• PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (git-fixes).
• PCI: dwc: ep: Write BAR_MASK before iATU registers in pci_epc_set_bar() (git-fixes).
• PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (git-fixes).
• PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (git-fixes).
• PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test (git-fixes).
• PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL on error (git-fixes).
• PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset() (git-fixes).
• PCI: imx6: Skip controller_id generation logic for i.MX7D (git-fixes).
• PCI: microchip: Set inbound address translation for coherent or non-coherent mode (git-fixes).
• PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region() (git-fixes).
• PM: hibernate: Add error handling for syscore_suspend() (git-fixes).
• RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-fixes)
• RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
• RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-fixes)
• RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-fixes)
• RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
• RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
• RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
• RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
• RDMA/srp: Fix error handling in srp_add_port (git-fixes)
• Remove "iommu/arm-smmu: Defer probe of clients after smmu device bound", reverted by upstream.
• Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" (stable-fixes).
• Revert "drm/i915/dpt: Make DPT object unshrinkable" (stable-fixes).
• Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" (stable-fixes).
• Revert "Disable ceph".
• USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (git-fixes).
• VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
• VMCI: fix reference to ioctl-number.rst (git-fixes).
• afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (git-fixes).
• afs: Fix cleanup of immediately failed async calls (git-fixes).
• afs: Fix directory format encoding struct (git-fixes).
• afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (git-fixes).
• arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
• arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
• arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245) Update arm64 default configuration file
• arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-fixes)
• arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
• arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
• arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
• arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
• ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() (stable-fixes).
• bus: mhi: host: Free mhi_buf vector inside mhi_alloc_bhie_table() (git-fixes).
• cpufreq: ACPI: Fix max-frequency computation (git-fixes).
• cpufreq: Do not unregister cpufreq cooling on CPU hotplug (git-fixes).
• cpufreq: amd-pstate: remove global header file (git-fixes).
• cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).
• cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-fixes).
• cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock (git-fixes).
• cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is missing (git-fixes).
• cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call back (git-fixes).
• cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).
• cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).
• cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).
• cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).
• cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).
• cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).
• cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).
• cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).
• cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).
• cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes).
• cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes).
• cpuidle: Avoid potential overflow in integer multiplication (git-fixes).
• cpupower: fix TSC MHz calculation (git-fixes).
• crypto: caam - use JobR's space to access page 0 regs (git-fixes).
• crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).
• crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).
• crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).
• crypto: iaa - Fix IAA disabling that occurs when sync_mode is set to 'async' (git-fixes).
• crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (git-fixes).
• crypto: qce - fix goto jump in error path (git-fixes).
• crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
• crypto: qce - unregister previously registered algos in error path (git-fixes).
• devcoredump: cleanup some comments (git-fixes).
• dmaengine: ti: edma: fix OF node reference leaks in edma_driver (git-fixes).
• docs: power: Fix footnote reference for Toshiba Satellite P10-554 (git-fixes).
• driver core: class: Fix wild pointer dereferences in API class_dev_iter_next() (git-fixes).
• drivers/card_reader/rtsx_usb: Restore interrupt based detection (git-fixes).
• drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
• drm/amd/pm: Fix an error handling path in vega10_enable_se_edc_force_stall_config() (git-fixes).
• drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
• drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table (git-fixes).
• drm/amdgpu: always sync the GFX pipe on ctx switch (stable-fixes).
• drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).
• drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init (git-fixes).
• drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini() (git-fixes).
• drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE (git-fixes).
• drm/etnaviv: Fix page property being used for non writecombine buffers (git-fixes).
• drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).
• drm/i915/fb: Relax clear color alignment to 64 bytes (stable-fixes).
• drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes).
• drm/i915/pmu: Fix zero delta busyness issue (git-fixes).
• drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).
• drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)
• drm/msm/dp: set safe_to_exit_level before printing it (git-fixes).
• drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
• drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
• drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
• drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
• drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
• drm/msm: Check return value of of_dma_configure() (git-fixes).
• drm/msm: do not clean up priv->kms prematurely (git-fixes).
• drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
• drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (git-fixes).
• drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes).
• drm/rockchip: vop2: Check linear format for Cluster windows on rk3566/8 (git-fixes).
• drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters offset (git-fixes).
• drm/rockchip: vop2: Fix the mixer alpha setup for layer 0 (git-fixes).
• drm/rockchip: vop2: Fix the windows switch between different layers (git-fixes).
• drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).
• drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).
• drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-fixes).
• drm/tidss: Clear the interrupt status for interrupts being disabled (git-fixes).
• drm/tidss: Fix issue in irq handling causing irq-flood issue (git-fixes).
• drm/v3d: Assign job pointer to NULL before signaling the fence (git-fixes).
• drm/v3d: Stop active perfmon if it is being destroyed (git-fixes).
• fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (git-fixes).
• firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).
• futex: Do not include process MM in futex key on no-MMU (git-fixes).
• genirq: Make handle_enforce_irqctx() unconditionally available (git-fixes).
• genksyms: fix memory leak when the same symbol is added from source (git-fixes).
• genksyms: fix memory leak when the same symbol is read from *.symref file (git-fixes).
• gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (git-fixes).
• gpio: mxc: remove dead code after switch to DT-only (git-fixes).
• gpio: pca953x: Improve interrupt support (git-fixes).
• gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).
• gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
• hwmon: (drivetemp) Set scsi command timeout to 10s (stable-fixes).
• hyperv: Do not overlap the hvcall IO areas in get_vtl() (git-fixes).
• ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
• iio: adc: ad_sigma_delta: Handle CS assertion as intended in ad_sd_read_reg_raw() (git-fixes).
• iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page alignment (git-fixes).
• iio: light: as73211: fix channel handling in only-color triggered buffer (git-fixes).
• intel_th: core: fix kernel-doc warnings (git-fixes).
• ipmi: ipmb: Add check devm_kasprintf() returned value (git-fixes).
• ipmi: ssif_bmc: Fix new request loss when bmc ready for a response (git-fixes).
• kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (git-fixes).
• kheaders: Ignore silly-rename files (stable-fixes).
• ktest.pl: Avoid false positives with grub2 skip regex (stable-fixes).
• ktest.pl: Check kernelrelease return in get_version (git-fixes).
• ktest.pl: Fix typo "accesing" (git-fixes).
• ktest.pl: Fix typo in comment (git-fixes).
• ktest.pl: Remove unused declarations in run_bisect_test function (git-fixes).
• ktest: force $buildonly = 1 for 'make_warnings_file' test type (stable-fixes).
• landlock: Handle weird files (git-fixes).
• latencytop: use correct kernel-doc format for func params (git-fixes).
• leds: lp8860: Write full EEPROM, not only half of it (git-fixes).
• leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata() (git-fixes).
• lib/inflate.c: remove dead code (git-fixes).
• lockdep: fix deadlock issue between lockdep and rcu (git-fixes).
• locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes).
• locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes).
• mac802154: check local interfaces before deleting sdata list (stable-fixes).
• mailbox: tegra-hsp: Clear mailbox before using message (git-fixes).
• maple_tree: simplify split calculation (git-fixes).
• media: camif-core: Add check for clk_enable() (git-fixes).
• media: ccs: Clean up parsed CCS static data on parse failure (git-fixes).
• media: ccs: Fix CCS static data parsing for large block sizes (git-fixes).
• media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
• media: dvb-usb-v2: af9035: fix ISO C90 compilation error on af9035_i2c_master_xfer (git-fixes).
• media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
• media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-fixes).
• media: i2c: imx412: Add missing newline to prints (git-fixes).
• media: i2c: ov9282: Correct the exposure offset (git-fixes).
• media: imx-jpeg: Fix potential error pointer dereference in detach_pm() (git-fixes).
• media: imx296: Add standby delay during probe (git-fixes).
• media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
• media: marvell: Add check for clk_enable() (git-fixes).
• media: mc: fix endpoint iteration (git-fixes).
• media: mipi-csis: Add check for clk_enable() (git-fixes).
• media: nxp: imx8-isi: fix v4l2-compliance test errors (git-fixes).
• media: ov08x40: Fix hblank out of range issue (git-fixes).
• media: ov5640: fix get_light_freq on auto (git-fixes).
• media: rc: iguanair: handle timeouts (git-fixes).
• media: rkisp1: Fix unused value issue (git-fixes).
• media: uvcvideo: Fix crash during unbind if gpio unit is in use (git-fixes).
• media: uvcvideo: Fix double free in error path (git-fixes).
• media: uvcvideo: Fix event flags in uvc_ctrl_send_events (git-fixes).
• media: uvcvideo: Only save async fh if success (git-fixes).
• media: uvcvideo: Propagate buf->error to userspace (git-fixes).
• media: uvcvideo: Remove dangling pointers (git-fixes).
• media: uvcvideo: Remove redundant NULL assignment (git-fixes).
• media: uvcvideo: Support partial control reads (git-fixes).
• memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code() (git-fixes).
• misc: fastrpc: Deregister device nodes properly in error scenarios (git-fixes).
• misc: fastrpc: Fix copy buffer page size (git-fixes).
• misc: fastrpc: Fix registered buffer page address (git-fixes).
• misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors (git-fixes).
• mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes (mm/compaction)).
• mm/rodata_test: use READ_ONCE() to read const variable (git-fixes).
• mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)
• mtd: onenand: Fix uninitialized retlen in do_otp_read() (git-fixes).
• mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
• net/rose: prevent integer overflows in rose_setsockopt() (git-fixes).
• net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
• net: mana: Cleanup "mana" debugfs dir after cleanup of all children (bsc#1236760).
• net: mana: Enable debugfs files for MANA device (bsc#1236758).
• net: netvsc: Update default VMBus channels (bsc#1236757).
• net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset (git-fixes).
• net: rose: fix timer races against user threads (git-fixes).
• net: usb: rtl8150: enable basic endpoint checking (git-fixes).
• netfilter: nf_tables: validate family when identifying table via handle (bsc#1233778 ZDI-24-1454).
• nilfs2: fix possible int overflows in nilfs_fiemap() (git-fixes).
• nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (git-fixes).
• nvme: Add error check for xa_store in nvme_get_effects_log (git-fixes).
• nvme: Add error path for xa_store in nvme_init_effects (git-fixes).
• nvme: fix bogus kzalloc() return check in nvme_init_effects_log() (git-fixes).
• nvmet: propagate npwg topology (git-fixes).
• padata: add pd get/put refcnt helper (git-fixes).
• padata: avoid UAF for reorder_work (git-fixes).
• padata: fix UAF in padata_reorder (git-fixes).
• pinctrl: amd: Take suspend type into consideration which pins are non-wake (git-fixes).
• pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional() fails (git-fixes).
• pm:cpupower: Add missing powercap_set_enabled() stub function (git-fixes).
• power: ip5xxx_power: Fix return value on ADC read errors (git-fixes).
• powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
• pps: add an error check in parport_attach (git-fixes).
• pps: remove usage of the deprecated ida_simple_xx() API (stable-fixes).
• printk: Add is_printk_legacy_deferred() (bsc#1236733).
• printk: Defer legacy printing when holding printk_cpu_sync (bsc#1236733).
• pwm: stm32-lp: Add check for clk_enable() (git-fixes).
• pwm: stm32: Add check for clk_enable() (git-fixes).
• r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
• rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
• rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
• rcu: Dump memory object info if callback function is invalid (git-fixes)
• rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
• rcuscale: Move rcu_scale_writer() (git-fixes)
• rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
• regulator: core: Add missing newline character (git-fixes).
• regulator: of: Implement the unwind path of of_regulator_match() (git-fixes).
• remoteproc: core: Fix ida_free call while not allocated (git-fixes).
• rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (git-fixes).
• rtc: zynqmp: Fix optional clock name property (git-fixes).
• samples/landlock: Fix possible NULL dereference in parse_path() (git-fixes).
• sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat (bsc#1235865).
• sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat -kabi (bsc#1235865).
• scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (git-fixes).
• seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
• selftest: media_tests: fix trivial UAF typo (git-fixes).
• selftests/alsa: Fix circular dependency involving global-timer (stable-fixes).
• selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-fixes).
• selftests/landlock: Fix error message (git-fixes).
• selftests/mm/cow: modify the incorrect checking parameters (git-fixes).
• selftests/powerpc: Fix argument order to timer_sub() (git-fixes).
• selftests: harness: fix printing of mismatch values in __EXPECT() (git-fixes).
• selftests: tc-testing: reduce rshift value (stable-fixes).
• selftests: timers: clocksource-switch: Adapt progress to kselftest framework (git-fixes).
• selinux: Fix SCTP error inconsistency in selinux_socket_bind() (git-fixes).
• serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
• serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes).
• serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use (git-fixes).
• serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
• soc: atmel: fix device_node release in atmel_soc_device_init() (git-fixes).
• soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (git-fixes).
• soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).
• soc: qcom: smem_state: fix missing of_node_put in error path (git-fixes).
• soc: qcom: socinfo: Avoid out of bounds read of serial number (git-fixes).
• soc: qcom: socinfo: move SMEM item struct and defines to a header (git-fixes).
• spi: zynq-qspi: Add check for clk_enable() (git-fixes).
• srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
• srcu: Only accelerate on enqueue time (git-fixes)
• staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (git-fixes).
• staging: media: max96712: fix kernel oops when removing module (git-fixes).
• tools: Sync if_xdp.h uapi tooling header (git-fixes).
• tty: xilinx_uartps: split sysrq handling (git-fixes).
• ubifs: skip dumping tnc tree when zroot is null (git-fixes).
• uio: Fix return value of poll (git-fixes).
• uio: uio_dmem_genirq: check the return value of devm_kasprintf() (git-fixes).
• usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes).
• usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk() (git-fixes).
• usb: gadget: f_tcm: Decrement command ref count on cleanup (git-fixes).
• usb: gadget: f_tcm: Do not free command immediately (git-fixes).
• usb: gadget: f_tcm: Do not prepare BOT write request twice (git-fixes).
• usb: gadget: f_tcm: Fix Get/SetInterface return value (git-fixes).
• usb: gadget: f_tcm: Translate error to sense (git-fixes).
• usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (git-fixes).
• usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
• usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control() (bsc#1235001)
• usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE (git-fixes).
• usbnet: ipheth: break up NCM header size computation (git-fixes).
• usbnet: ipheth: check that DPE points past NCM header (git-fixes).
• usbnet: ipheth: fix DPE OoB read (git-fixes).
• usbnet: ipheth: fix possible overflow in DPE length check (git-fixes).
• usbnet: ipheth: refactor NCM datagram loop (git-fixes).
• usbnet: ipheth: use static NDP16 location in URB (git-fixes).
• vfio/pci: Lock external INTx masking ops (bsc#1222803).
• virtio-mem: check if the config changed before fake offlining memory (git-fixes).
• virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-fixes).
• virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM) (git-fixes).
• virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
• vsock/virtio: cancel close work in the destructor (git-fixes)
• vsock: Keep the binding until socket destruction (git-fixes)
• vsock: reset socket state when de-assigning the transport (git-fixes)
• wifi: ath11k: Fix unexpected return buffer manager error for WCN6750/WCN6855 (git-fixes).
• wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
• wifi: ath12k: fix tx power, max reg power update to firmware (git-fixes).
• wifi: brcmfmac: add missing header include for brcmf_dbg (git-fixes).
• wifi: cfg80211: adjust allocation of colocated AP data (git-fixes).
• wifi: iwlwifi: fw: read STEP table from correct UEFI var (git-fixes).
• wifi: mac80211: Fix common size calculation for ML element (git-fixes).
• wifi: mac80211: do not flush non-uploaded STAs (git-fixes).
• wifi: mac80211: fix tid removal during mesh forwarding (git-fixes).
• wifi: mac80211: prohibit deactivating all links (git-fixes).
• wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).
• wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO (git-fixes).
• wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
• wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916 (git-fixes).
• wifi: mt76: mt7915: firmware restart on devices with a second pcie link (git-fixes).
• wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-fixes).
• wifi: mt76: mt7915: fix overflows seen when writing limit attributes (git-fixes).
• wifi: mt76: mt7915: fix register mapping (git-fixes).
• wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).
• wifi: mt76: mt7921: fix using incorrect group cipher after disconnection (git-fixes).
• wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (git-fixes).
• wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
• wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
• wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
• wifi: mt76: mt7996: fix incorrect indexing of MIB FW event (git-fixes).
• wifi: mt76: mt7996: fix ldpc setting (git-fixes).
• wifi: mt76: mt7996: fix overflows seen when writing limit attributes (git-fixes).
• wifi: mt76: mt7996: fix register mapping (git-fixes).
• wifi: mt76: mt7996: fix rx filter setting for bfee functionality (git-fixes).
• wifi: mt76: mt7996: fix the capability of reception of EHT MU PPDU (git-fixes).
• wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
• wifi: rtlwifi: do not complete firmware loading needlessly (git-fixes).
• wifi: rtlwifi: fix init_sw_vars leak when probe fails (git-fixes).
• wifi: rtlwifi: fix memory leaks and invalid access at probe error path (git-fixes).
• wifi: rtlwifi: pci: wait for firmware loading before releasing memory (git-fixes).
• wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
• wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step (git-fixes).
• wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
• wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop (git-fixes).
• wifi: rtlwifi: usb: fix workqueue leak when probe fails (git-fixes).
• wifi: rtlwifi: wait for firmware loading before releasing memory (git-fixes).
• wifi: rtw89: mcc: consider time limits not divisible by 1024 (git-fixes).
• wifi: wcn36xx: fix channel survey memory allocation size (git-fixes).
• wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
• workqueue: Add rcu lock check at the end of work item execution (bsc#1236732).
• xfs: Add error handling for xfs_reflink_cancel_cow_range (git-fixes).
• xfs: Propagate errors from xfs_reflink_cancel_cow_range in xfs_dax_write_iomap_end (git-fixes).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• Confidential Computing Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Confidential-Computing-15-SP6-2025-564=1

Package List:

• Confidential Computing Module 15-SP6 (nosrc x86_64)
  • kernel-coco-6.4.0-15061.15.coco15sp6.1
  • kernel-coco_debug-6.4.0-15061.15.coco15sp6.1
• Confidential Computing Module 15-SP6 (x86_64)
  • kernel-coco-debuginfo-6.4.0-15061.15.coco15sp6.1
  • kernel-coco_debug-debugsource-6.4.0-15061.15.coco15sp6.1
  • kernel-coco_debug-devel-6.4.0-15061.15.coco15sp6.1
  • reiserfs-kmp-coco-debuginfo-6.4.0-15061.15.coco15sp6.1
  • kernel-coco-vdso-debuginfo-6.4.0-15061.15.coco15sp6.1
  • kernel-coco-devel-6.4.0-15061.15.coco15sp6.1
  • reiserfs-kmp-coco-6.4.0-15061.15.coco15sp6.1
  • kernel-syms-coco-6.4.0-15061.15.coco15sp6.1
  • kernel-coco_debug-devel-debuginfo-6.4.0-15061.15.coco15sp6.1
  • kernel-coco-debugsource-6.4.0-15061.15.coco15sp6.1
  • kernel-coco_debug-debuginfo-6.4.0-15061.15.coco15sp6.1
• Confidential Computing Module 15-SP6 (noarch)
  • kernel-devel-coco-6.4.0-15061.15.coco15sp6.1
  • kernel-source-coco-6.4.0-15061.15.coco15sp6.1

References:

• https://www.suse.com/security/cve/CVE-2024-40980.html
• https://www.suse.com/security/cve/CVE-2024-46858.html
• https://www.suse.com/security/cve/CVE-2024-49948.html
• https://www.suse.com/security/cve/CVE-2024-49978.html
• https://www.suse.com/security/cve/CVE-2024-50142.html
• https://www.suse.com/security/cve/CVE-2024-50251.html
• https://www.suse.com/security/cve/CVE-2024-50258.html
• https://www.suse.com/security/cve/CVE-2024-50304.html
• https://www.suse.com/security/cve/CVE-2024-53123.html
• https://www.suse.com/security/cve/CVE-2024-53187.html
• https://www.suse.com/security/cve/CVE-2024-53203.html
• https://www.suse.com/security/cve/CVE-2024-56592.html
• https://www.suse.com/security/cve/CVE-2024-56600.html
• https://www.suse.com/security/cve/CVE-2024-56601.html
• https://www.suse.com/security/cve/CVE-2024-56608.html
• https://www.suse.com/security/cve/CVE-2024-56610.html
• https://www.suse.com/security/cve/CVE-2024-56633.html
• https://www.suse.com/security/cve/CVE-2024-56650.html
• https://www.suse.com/security/cve/CVE-2024-56658.html
• https://www.suse.com/security/cve/CVE-2024-56665.html
• https://www.suse.com/security/cve/CVE-2024-56679.html
• https://www.suse.com/security/cve/CVE-2024-56693.html
• https://www.suse.com/security/cve/CVE-2024-56707.html
• https://www.suse.com/security/cve/CVE-2024-56715.html
• https://www.suse.com/security/cve/CVE-2024-56725.html
• https://www.suse.com/security/cve/CVE-2024-56726.html
• https://www.suse.com/security/cve/CVE-2024-56727.html
• https://www.suse.com/security/cve/CVE-2024-56728.html
• https://www.suse.com/security/cve/CVE-2024-56763.html
• https://www.suse.com/security/cve/CVE-2024-57802.html
• https://www.suse.com/security/cve/CVE-2024-57882.html
• https://www.suse.com/security/cve/CVE-2024-57884.html
• https://www.suse.com/security/cve/CVE-2024-57917.html
• https://www.suse.com/security/cve/CVE-2024-57931.html
• https://www.suse.com/security/cve/CVE-2024-57938.html
• https://www.suse.com/security/cve/CVE-2024-57946.html
• https://www.suse.com/security/cve/CVE-2025-21652.html
• https://www.suse.com/security/cve/CVE-2025-21653.html
• https://www.suse.com/security/cve/CVE-2025-21655.html
• https://www.suse.com/security/cve/CVE-2025-21663.html
• https://www.suse.com/security/cve/CVE-2025-21664.html
• https://www.suse.com/security/cve/CVE-2025-21665.html
• https://www.suse.com/security/cve/CVE-2025-21666.html
• https://www.suse.com/security/cve/CVE-2025-21667.html
• https://www.suse.com/security/cve/CVE-2025-21668.html
• https://www.suse.com/security/cve/CVE-2025-21669.html
• https://www.suse.com/security/cve/CVE-2025-21670.html
• https://www.suse.com/security/cve/CVE-2025-21673.html
• https://www.suse.com/security/cve/CVE-2025-21674.html
• https://www.suse.com/security/cve/CVE-2025-21675.html
• https://www.suse.com/security/cve/CVE-2025-21676.html
• https://www.suse.com/security/cve/CVE-2025-21678.html
• https://www.suse.com/security/cve/CVE-2025-21681.html
• https://www.suse.com/security/cve/CVE-2025-21682.html
• https://bugzilla.suse.com/show_bug.cgi?id=1215199
• https://bugzilla.suse.com/show_bug.cgi?id=1222803
• https://bugzilla.suse.com/show_bug.cgi?id=1224049
• https://bugzilla.suse.com/show_bug.cgi?id=1226980
• https://bugzilla.suse.com/show_bug.cgi?id=1227937
• https://bugzilla.suse.com/show_bug.cgi?id=1231088
• https://bugzilla.suse.com/show_bug.cgi?id=1232101
• https://bugzilla.suse.com/show_bug.cgi?id=1232161
• https://bugzilla.suse.com/show_bug.cgi?id=1233028
• https://bugzilla.suse.com/show_bug.cgi?id=1233221
• https://bugzilla.suse.com/show_bug.cgi?id=1233248
• https://bugzilla.suse.com/show_bug.cgi?id=1233522
• https://bugzilla.suse.com/show_bug.cgi?id=1233778
• https://bugzilla.suse.com/show_bug.cgi?id=1234070
• https://bugzilla.suse.com/show_bug.cgi?id=1234683
• https://bugzilla.suse.com/show_bug.cgi?id=1234693
• https://bugzilla.suse.com/show_bug.cgi?id=1234947
• https://bugzilla.suse.com/show_bug.cgi?id=1235001
• https://bugzilla.suse.com/show_bug.cgi?id=1235217
• https://bugzilla.suse.com/show_bug.cgi?id=1235230
• https://bugzilla.suse.com/show_bug.cgi?id=1235244
• https://bugzilla.suse.com/show_bug.cgi?id=1235390
• https://bugzilla.suse.com/show_bug.cgi?id=1235418
• https://bugzilla.suse.com/show_bug.cgi?id=1235430
• https://bugzilla.suse.com/show_bug.cgi?id=1235441
• https://bugzilla.suse.com/show_bug.cgi?id=1235485
• https://bugzilla.suse.com/show_bug.cgi?id=1235487
• https://bugzilla.suse.com/show_bug.cgi?id=1235489
• https://bugzilla.suse.com/show_bug.cgi?id=1235498
• https://bugzilla.suse.com/show_bug.cgi?id=1235545
• https://bugzilla.suse.com/show_bug.cgi?id=1235578
• https://bugzilla.suse.com/show_bug.cgi?id=1235582
• https://bugzilla.suse.com/show_bug.cgi?id=1235583
• https://bugzilla.suse.com/show_bug.cgi?id=1235612
• https://bugzilla.suse.com/show_bug.cgi?id=1235638
• https://bugzilla.suse.com/show_bug.cgi?id=1235656
• https://bugzilla.suse.com/show_bug.cgi?id=1235686
• https://bugzilla.suse.com/show_bug.cgi?id=1235865
• https://bugzilla.suse.com/show_bug.cgi?id=1235874
• https://bugzilla.suse.com/show_bug.cgi?id=1235914
• https://bugzilla.suse.com/show_bug.cgi?id=1235941
• https://bugzilla.suse.com/show_bug.cgi?id=1235948
• https://bugzilla.suse.com/show_bug.cgi?id=1236127
• https://bugzilla.suse.com/show_bug.cgi?id=1236160
• https://bugzilla.suse.com/show_bug.cgi?id=1236161
• https://bugzilla.suse.com/show_bug.cgi?id=1236163
• https://bugzilla.suse.com/show_bug.cgi?id=1236182
• https://bugzilla.suse.com/show_bug.cgi?id=1236192
• https://bugzilla.suse.com/show_bug.cgi?id=1236245
• https://bugzilla.suse.com/show_bug.cgi?id=1236247
• https://bugzilla.suse.com/show_bug.cgi?id=1236260
• https://bugzilla.suse.com/show_bug.cgi?id=1236262
• https://bugzilla.suse.com/show_bug.cgi?id=1236628
• https://bugzilla.suse.com/show_bug.cgi?id=1236680
• https://bugzilla.suse.com/show_bug.cgi?id=1236681
• https://bugzilla.suse.com/show_bug.cgi?id=1236682
• https://bugzilla.suse.com/show_bug.cgi?id=1236683
• https://bugzilla.suse.com/show_bug.cgi?id=1236684
• https://bugzilla.suse.com/show_bug.cgi?id=1236685
• https://bugzilla.suse.com/show_bug.cgi?id=1236688
• https://bugzilla.suse.com/show_bug.cgi?id=1236689
• https://bugzilla.suse.com/show_bug.cgi?id=1236694
• https://bugzilla.suse.com/show_bug.cgi?id=1236696
• https://bugzilla.suse.com/show_bug.cgi?id=1236698
• https://bugzilla.suse.com/show_bug.cgi?id=1236702
• https://bugzilla.suse.com/show_bug.cgi?id=1236703
• https://bugzilla.suse.com/show_bug.cgi?id=1236732
• https://bugzilla.suse.com/show_bug.cgi?id=1236733
• https://bugzilla.suse.com/show_bug.cgi?id=1236757
• https://bugzilla.suse.com/show_bug.cgi?id=1236758
• https://bugzilla.suse.com/show_bug.cgi?id=1236759
• https://bugzilla.suse.com/show_bug.cgi?id=1236760
• https://bugzilla.suse.com/show_bug.cgi?id=1236761
• https://jira.suse.com/browse/PED-12094
• https://jira.suse.com/browse/PED-7242