SUSE-SU-2026:20015-1
Vulnerability Summary
Timeline
Description
Security update for the Linux Kernel The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50253: bpf: make sure skb->len != 0 when redirecting to a tunneling device (bsc#1249912). - CVE-2025-37916: pds_core: remove write-after-free of client_id (bsc#1243474). - CVE-2025-38084: mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431 bsc#1245498). - CVE-2025-38085: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431 bsc#1245499). - CVE-2025-38321: smb: Log an error when close_all_cached_dirs fails (bsc#1246328). - CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256). - CVE-2025-39805: net: macb: fix unregister_netdev call order in macb_remove() (bsc#1249982). - CVE-2025-39819: fs/smb: Fix inconsistent refcnt update (bsc#1250176). - CVE-2025-39822: io_uring/kbuf: fix signedness in this_len calculation (bsc#1250034). - CVE-2025-39831: fbnic: Move phylink resume out of service_task and into open/close (bsc#1249977). - CVE-2025-39859: ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog (bsc#1250252). - CVE-2025-39897: net: xilinx: axienet: Add error handling for RX metadata pointer retrieval (bsc#1250746). - CVE-2025-39917: bpf: Fix out-of-bounds dynptr write in bpf_crypto_crypt (bsc#1250723). - CVE-2025-39944: octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() (bsc#1251120). - CVE-2025-39961: iommu/amd/pgtbl: Fix possible race while increase page table level (bsc#1251817). - CVE-2025-39980: nexthop: Forbid FDB status change while nexthop is in a group (bsc#1252063). - CVE-2025-39990: bpf: Check the helper function is valid in get_helper_proto (bsc#1252054). - CVE-2025-40001: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue (bsc#1252303). - CVE-2025-40003: net: mscc: ocelot: Fix use-after-free caused by cyclic delayed work (bsc#1252301). - CVE-2025-40006: mm/hugetlb: fix folio is still mapped when deleted (bsc#1252342). - CVE-2025-40021: tracing: dynevent: Add a missing lockdown check on dynevent (bsc#1252681). - CVE-2025-40024: vhost: Take a reference on the task in struct vhost_task (bsc#1252686). - CVE-2025-40027: net/9p: fix double req put in p9_fd_cancelled (bsc#1252763). - CVE-2025-40031: tee: fix register_shm_helper() (bsc#1252779). - CVE-2025-40033: remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() (bsc#1252824). - CVE-2025-40038: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid (bsc#1252817). - CVE-2025-40047: io_uring/waitid: always prune wait queue entry in io_waitid_wait() (bsc#1252790). - CVE-2025-40053: net: dlink: handle copy_thresh allocation failure (bsc#1252808). - CVE-2025-40055: ocfs2: fix double free in user_cluster_connect() (bsc#1252821). - CVE-2025-40059: coresight: Fix incorrect handling for return value of devm_kzalloc (bsc#1252809). - CVE-2025-40064: smc: Fix use-after-free in __pnet_find_base_ndev() (bsc#1252845). - CVE-2025-40070: pps: fix warning in pps_register_cdev when register device fail (bsc#1252836). - CVE-2025-40074: tcp: convert to dev_net_rcu() (bsc#1252794). - CVE-2025-40075: tcp_metrics: use dst_dev_net_rcu() (bsc#1252795). - CVE-2025-40081: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (bsc#1252776). - CVE-2025-40083: net/sched: sch_qfq: Fix null-deref in agg_dequeue (bsc#1252912). - CVE-2025-40086: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds (bsc#1252923). - CVE-2025-40098: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state() (bsc#1252917). - CVE-2025-40101: btrfs: fix memory leaks when rejecting a non SINGLE data profile without an RST (bsc#1252901). - CVE-2025-40102: KVM: arm64: Prevent access to vCPU events before init (bsc#1252919). - CVE-2025-40105: vfs: Don't leak disconnected dentries on umount (bsc#1252928). - CVE-2025-40133: mptcp: Call dst_release() in mptcp_active_enable() (bsc#1253328). - CVE-2025-40134: dm: fix NULL pointer dereference in __dm_suspend() (bsc#1253386). - CVE-2025-40135: ipv6: use RCU in ip6_xmit() (bsc#1253342). - CVE-2025-40139: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set() (bsc#1253409). - CVE-2025-40149: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock() (bsc#1253355). - CVE-2025-40153: mm: hugetlb: avoid soft lockup when mprotect to large memory area (bsc#1253408). - CVE-2025-40157: EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller (bsc#1253423). - CVE-2025-40158: ipv6: use RCU in ip6_output() (bsc#1253402). - CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253403). - CVE-2025-40168: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() (bsc#1253427). - CVE-2025-40169: bpf: Reject negative offsets for ALU ops (bsc#1253416). - CVE-2025-40173: net/ip6_tunnel: Prevent perpetual tunnel growth (bsc#1253421). - CVE-2025-40175: idpf: cleanup remaining SKBs in PTP flows (bsc#1253426). - CVE-2025-40176: tls: wait for pending async decryptions if tls_strp_msg_hold fails (bsc#1253425). - CVE-2025-40178: pid: Add a judgment for ns null in pid_nr_ns (bsc#1253463). - CVE-2025-40185: ice: ice_adapter: release xa entry on adapter allocation failure (bsc#1253394). - CVE-2025-40201: kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths (bsc#1253455). - CVE-2025-40203: listmount: don't call path_put() under namespace semaphore (bsc#1253457). The following non security issues were fixed: - ACPI: scan: Update honor list for RPMI System MSI (stable-fixes). - ACPICA: Update dsmethod.c to get rid of unused variable warning (stable-fixes). - Disable CONFIG_CPU5_WDT The cpu5wdt driver doesn't implement a proper watchdog interface and has many code issues. It only handles obscure and obsolete hardware. Stop building and supporting this driver (jsc#PED-14062). - Fix "drm/xe: Don't allow evicting of BOs in same VM in array of VM binds" (bsc#1252923) - KVM: SVM: Delete IRTE link from previous vCPU before setting new IRTE (git-fixes). - KVM: SVM: Delete IRTE link from previous vCPU irrespective of new routing (git-fixes). - KVM: SVM: Mark VMCB_LBR dirty when MSR_IA32_DEBUGCTLMSR is updated (git-fixes). - KVM: s390: improve interrupt cpu for wakeup (bsc#1235463). - KVM: s390: kABI backport for 'last_sleep_cpu' (bsc#1252352). - KVM: x86/mmu: Return -EAGAIN if userspace deletes/moves memslot during prefault (git-fixes). - PCI/ERR: Update device error_state already after reset (stable-fixes). - PM: EM: Slightly reduce em_check_capacity_update() overhead (stable-fixes). - Revert "net/mlx5e: Update and set Xon/Xoff upon MTU set" (git-fixes). - Revert "net/mlx5e: Update and set Xon/Xoff upon port speed set" (git-fixes). - Update config files: enable zstd module decompression (jsc#PED-14115). - bpf/selftests: Fix test_tcpnotify_user (bsc#1253635). - btrfs: do not clear read-only when adding sprout device (bsc#1253238). - btrfs: do not update last_log_commit when logging inode due to a new name (git-fixes). - dm: fix queue start/stop imbalance under suspend/load/resume races (bsc#1253386) - drm/amd/display: Add AVI infoframe copy in copy_stream_update_to_stream (stable-fixes). - drm/amd/display: update color on atomic commit time (stable-fixes). - drm/amd/display: update dpp/disp clock from smu clock table (stable-fixes). - drm/radeon: delete radeon_fence_process in is_signaled, no deadlock (stable-fixes). - hwmon: (lenovo-ec-sensors) Update P8 supprt (stable-fixes). - media: amphion: Delete v4l2_fh synchronously in .release() (stable-fixes). - mount: handle NULL values in mnt_ns_release() (bsc#1254308) - net/smc: Remove validation of reserved bits in CLC Decline (bsc#1252357). - net: phy: move realtek PHY driver to its own subdirectory (jsc#PED-14353). - net: phy: realtek: add defines for shadowed c45 standard registers (jsc#PED-14353). - net: phy: realtek: add helper RTL822X_VND2_C22_REG (jsc#PED-14353). - net: phy: realtek: change order of calls in C22 read_status() (jsc#PED-14353). - net: phy: realtek: clear 1000Base-T link partner advertisement (jsc#PED-14353). - net: phy: realtek: improve mmd register access for internal PHY's (jsc#PED-14353). - net: phy: realtek: read duplex and gbit master from PHYSR register (jsc#PED-14353). - net: phy: realtek: switch from paged to MMD ops in rtl822x functions (jsc#PED-14353). - net: phy: realtek: use string choices helpers (jsc#PED-14353). - net: xilinx: axienet: Fix IRQ coalescing packet count overflow (bsc#1250746) - net: xilinx: axienet: Fix RX skb ring management in DMAengine mode (bsc#1250746) - net: xilinx: axienet: Fix Tx skb circular buffer occupancy check in dmaengine xmit (bsc#1250746) - nvmet-auth: update sc_c in host response (git-fixes bsc#1249397). - nvmet-auth: update sc_c in target host hash calculation (git-fixes). - perf list: Add IBM z17 event descriptions (jsc#PED-13611). - platform/x86:intel/pmc: Update Arrow Lake telemetry GUID (git-fixes). - powercap: intel_rapl: Add support for Panther Lake platform (jsc#PED-13949). - pwm: pca9685: Use bulk write to atomicially update registers (stable-fixes). - r8169: add PHY c45 ops for MDIO_MMD_VENDOR2 registers (jsc#PED-14353). - r8169: add support for Intel Killer E5000 (jsc#PED-14353). - r8169: add support for RTL8125BP rev.b (jsc#PED-14353). - r8169: add support for RTL8125D rev.b (jsc#PED-14353). - r8169: adjust version numbering for RTL8126 (jsc#PED-14353). - r8169: align RTL8125 EEE config with vendor driver (jsc#PED-14353). - r8169: align RTL8125/RTL8126 PHY config with vendor driver (jsc#PED-14353). - r8169: align RTL8126 EEE config with vendor driver (jsc#PED-14353). - r8169: align WAKE_PHY handling with r8125/r8126 vendor drivers (jsc#PED-14353). - r8169: avoid duplicated messages if loading firmware fails and switch to warn level (jsc#PED-14353). - r8169: don't take RTNL lock in rtl_task() (jsc#PED-14353). - r8169: enable EEE at 2.5G per default on RTL8125B (jsc#PED-14353). - r8169: enable RTL8168H/RTL8168EP/RTL8168FP ASPM support (jsc#PED-14353). - r8169: fix inconsistent indenting in rtl8169_get_eth_mac_stats (jsc#PED-14353). - r8169: implement additional ethtool stats ops (jsc#PED-14353). - r8169: improve __rtl8169_set_wol (jsc#PED-14353). - r8169: improve initialization of RSS registers on RTL8125/RTL8126 (jsc#PED-14353). - r8169: improve rtl_set_d3_pll_down (jsc#PED-14353). - r8169: increase max jumbo packet size on RTL8125/RTL8126 (jsc#PED-14353). - r8169: remove leftover locks after reverted change (jsc#PED-14353). - r8169: remove original workaround for RTL8125 broken rx issue (jsc#PED-14353). - r8169: remove rtl_dash_loop_wait_high/low (jsc#PED-14353). - r8169: remove support for chip version 11 (jsc#PED-14353). - r8169: remove unused flag RTL_FLAG_TASK_RESET_NO_QUEUE_WAKE (jsc#PED-14353). - r8169: replace custom flag with disable_work() et al (jsc#PED-14353). - r8169: switch away from deprecated pcim_iomap_table (jsc#PED-14353). - r8169: use helper r8169_mod_reg8_cond to simplify rtl_jumbo_config (jsc#PED-14353). - ring-buffer: Update pages_touched to reflect persistent buffer content (git-fixes). - s390/mm: Fix __ptep_rdp() inline assembly (bsc#1253643). - sched/fair: Get rid of sched_domains_curr_level hack for tl->cpumask() (bsc#1246843). - sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1248792). - sched/fair: Proportional newidle balance (bsc#1248792). - sched/fair: Proportional newidle balance -KABI (bsc#1248792). - sched/fair: Revert max_newidle_lb_cost bump (bsc#1248792). - sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1248792). - sched/fair: Small cleanup to sched_balance_newidle() (bsc#1248792). - sched/fair: Small cleanup to update_newidle_cost() (bsc#1248792). - scsi: lpfc: Add capability to register Platform Name ID to fabric (bsc#1254119). - scsi: lpfc: Allow support for BB credit recovery in point-to-point topology (bsc#1254119). - scsi: lpfc: Ensure unregistration of rpis for received PLOGIs (bsc#1254119). - scsi: lpfc: Fix leaked ndlp krefs when in point-to-point topology (bsc#1254119). - scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED during FLOGI (bsc#1254119). - scsi: lpfc: Modify kref handling for Fabric Controller ndlps (bsc#1254119). - scsi: lpfc: Remove redundant NULL ptr assignment in lpfc_els_free_iocb() (bsc#1254119). - scsi: lpfc: Revise discovery related function headers and comments (bsc#1254119). - scsi: lpfc: Update lpfc version to 14.4.0.12 (bsc#1254119). - scsi: lpfc: Update various NPIV diagnostic log messaging (bsc#1254119). - selftests/run_kselftest.sh: Add `--skip` argument option (bsc#1254221). - smpboot: introduce SDTL_INIT() helper to tidy sched topology setup (bsc#1246843). - soc/tegra: fuse: speedo-tegra210: Update speedo IDs (git-fixes). - spi: tegra210-quad: Check hardware status on timeout (bsc#1253155) - spi: tegra210-quad: Fix timeout handling (bsc#1253155) - spi: tegra210-quad: Refactor error handling into helper functions (bsc#1253155) - spi: tegra210-quad: Update dummy sequence configuration (git-fixes) - tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork (bsc#1250705). - wifi: ath11k: Add quirk entries for Thinkpad T14s Gen3 AMD (bsc#1254181). - wifi: mt76: do not add wcid entries to sta poll list during MCU reset (bsc#1254315). - wifi: mt76: introduce mt792x_config_mac_addr_list routine (bsc#1254315). - wifi: mt76: mt7925: Fix logical vs bitwise typo (bsc#1254315). - wifi: mt76: mt7925: Remove unnecessary if-check (bsc#1254315). - wifi: mt76: mt7925: Simplify HIF suspend handling to avoid suspend fail (bsc#1254315). - wifi: mt76: mt7925: add EHT control support based on the CLC data (bsc#1254315). - wifi: mt76: mt7925: add handler to hif suspend/resume event (bsc#1254315). - wifi: mt76: mt7925: add pci restore for hibernate (bsc#1254315). - wifi: mt76: mt7925: config the dwell time by firmware (bsc#1254315). - wifi: mt76: mt7925: extend MCU support for testmode (bsc#1254315). - wifi: mt76: mt7925: fix CLC command timeout when suspend/resume (bsc#1254315). - wifi: mt76: mt7925: fix missing hdr_trans_tlv command for broadcast wtbl (bsc#1254315). - wifi: mt76: mt7925: fix the unfinished command of regd_notifier before suspend (bsc#1254315). - wifi: mt76: mt7925: refine the txpower initialization flow (bsc#1254315). - wifi: mt76: mt7925: replace zero-length array with flexible-array member (bsc#1254315). - wifi: mt76: mt7925: update the channel usage when the regd domain changed (bsc#1254315). - wifi: mt76: mt7925e: fix too long of wifi resume time (bsc#1254315). - x86/smpboot: avoid SMT domain attach/destroy if SMT is not enabled (bsc#1246843). - x86/smpboot: moves x86_topology to static initialize and truncate (bsc#1246843). - x86/smpboot: remove redundant CONFIG_SCHED_SMT (bsc#1246843).
Affected Systems
- suse•kernel-64kb&distro=SUSE Linux Enterprise Server 16.0
< 6.12.0-160000.8.1
- suse•kernel-64kb&distro=SUSE Linux Enterprise Server for SAP applications 16.0
< 6.12.0-160000.8.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server 16.0
< 6.12.0-160000.8.1.160000.2.5
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server for SAP applications 16.0
< 6.12.0-160000.8.1.160000.2.5
- suse•kernel-default&distro=SUSE Linux Enterprise Server 16.0
< 6.12.0-160000.8.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server for SAP applications 16.0
< 6.12.0-160000.8.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server 16.0
< 6.12.0-160000.8.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server for SAP applications 16.0
< 6.12.0-160000.8.1
- suse•kernel-kvmsmall&distro=SUSE Linux Enterprise Server 16.0
< 6.12.0-160000.8.1
- suse•kernel-kvmsmall&distro=SUSE Linux Enterprise Server for SAP applications 16.0
< 6.12.0-160000.8.1
- suse•kernel-obs-qa&distro=SUSE Linux Enterprise Server 16.0
< 6.12.0-160000.8.1
- suse•kernel-obs-qa&distro=SUSE Linux Enterprise Server for SAP applications 16.0
< 6.12.0-160000.8.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server 16.0
< 6.12.0-160000.8.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server for SAP applications 16.0
< 6.12.0-160000.8.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server 16.0
< 6.12.0-160000.8.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server for SAP applications 16.0
< 6.12.0-160000.8.1
- suse•kernel-zfcpdump&distro=SUSE Linux Enterprise Server 16.0
< 6.12.0-160000.8.1
- suse•kernel-zfcpdump&distro=SUSE Linux Enterprise Server for SAP applications 16.0
< 6.12.0-160000.8.1
References (220)
- https://www.suse.com/support/update/announcement/2026/suse-su-202620015-1/
- https://bugzilla.suse.com/1235463
- https://bugzilla.suse.com/1243474
- https://bugzilla.suse.com/1245193
- https://bugzilla.suse.com/1245431
- https://bugzilla.suse.com/1245498
- https://bugzilla.suse.com/1245499
- https://bugzilla.suse.com/1246328
- https://bugzilla.suse.com/1246843
- https://bugzilla.suse.com/1247500
- https://bugzilla.suse.com/1248792
- https://bugzilla.suse.com/1249256
- https://bugzilla.suse.com/1249397
- https://bugzilla.suse.com/1249912
- https://bugzilla.suse.com/1249977
- https://bugzilla.suse.com/1249982
- https://bugzilla.suse.com/1250034
- https://bugzilla.suse.com/1250176
- https://bugzilla.suse.com/1250237
- https://bugzilla.suse.com/1250252
- https://bugzilla.suse.com/1250705
- https://bugzilla.suse.com/1250723
- https://bugzilla.suse.com/1250746
- https://bugzilla.suse.com/1251120
- https://bugzilla.suse.com/1251817
- https://bugzilla.suse.com/1252054
- https://bugzilla.suse.com/1252063
- https://bugzilla.suse.com/1252301
- https://bugzilla.suse.com/1252303
- https://bugzilla.suse.com/1252342
- https://bugzilla.suse.com/1252352
- https://bugzilla.suse.com/1252357
- https://bugzilla.suse.com/1252681
- https://bugzilla.suse.com/1252686
- https://bugzilla.suse.com/1252763
- https://bugzilla.suse.com/1252776
- https://bugzilla.suse.com/1252779
- https://bugzilla.suse.com/1252790
- https://bugzilla.suse.com/1252794
- https://bugzilla.suse.com/1252795
- https://bugzilla.suse.com/1252808
- https://bugzilla.suse.com/1252809
- https://bugzilla.suse.com/1252817
- https://bugzilla.suse.com/1252821
- https://bugzilla.suse.com/1252824
- https://bugzilla.suse.com/1252836
- https://bugzilla.suse.com/1252845
- https://bugzilla.suse.com/1252901
- https://bugzilla.suse.com/1252912
- https://bugzilla.suse.com/1252917
- https://bugzilla.suse.com/1252919
- https://bugzilla.suse.com/1252923
- https://bugzilla.suse.com/1252928
- https://bugzilla.suse.com/1253018
- https://bugzilla.suse.com/1253155
- https://bugzilla.suse.com/1253176
- https://bugzilla.suse.com/1253238
- https://bugzilla.suse.com/1253275
- https://bugzilla.suse.com/1253318
- https://bugzilla.suse.com/1253324
- https://bugzilla.suse.com/1253328
- https://bugzilla.suse.com/1253330
- https://bugzilla.suse.com/1253342
- https://bugzilla.suse.com/1253348
- https://bugzilla.suse.com/1253349
- https://bugzilla.suse.com/1253352
- https://bugzilla.suse.com/1253355
- https://bugzilla.suse.com/1253360
- https://bugzilla.suse.com/1253362
- https://bugzilla.suse.com/1253363
- https://bugzilla.suse.com/1253367
- https://bugzilla.suse.com/1253369
- https://bugzilla.suse.com/1253386
- https://bugzilla.suse.com/1253394
- https://bugzilla.suse.com/1253395
- https://bugzilla.suse.com/1253402
- https://bugzilla.suse.com/1253403
- https://bugzilla.suse.com/1253405
- https://bugzilla.suse.com/1253407
- https://bugzilla.suse.com/1253408
- https://bugzilla.suse.com/1253409
- https://bugzilla.suse.com/1253410
- https://bugzilla.suse.com/1253412
- https://bugzilla.suse.com/1253416
- https://bugzilla.suse.com/1253421
- https://bugzilla.suse.com/1253422
- https://bugzilla.suse.com/1253423
- https://bugzilla.suse.com/1253424
- https://bugzilla.suse.com/1253425
- https://bugzilla.suse.com/1253426
- https://bugzilla.suse.com/1253427
- https://bugzilla.suse.com/1253428
- https://bugzilla.suse.com/1253431
- https://bugzilla.suse.com/1253433
- https://bugzilla.suse.com/1253436
- https://bugzilla.suse.com/1253438
- https://bugzilla.suse.com/1253440
- https://bugzilla.suse.com/1253441
- https://bugzilla.suse.com/1253443
- https://bugzilla.suse.com/1253445
- https://bugzilla.suse.com/1253448
- https://bugzilla.suse.com/1253449
- https://bugzilla.suse.com/1253450
- https://bugzilla.suse.com/1253451
- https://bugzilla.suse.com/1253453
- https://bugzilla.suse.com/1253455
- https://bugzilla.suse.com/1253456
- https://bugzilla.suse.com/1253457
- https://bugzilla.suse.com/1253463
- https://bugzilla.suse.com/1253472
- https://bugzilla.suse.com/1253622
- https://bugzilla.suse.com/1253624
- https://bugzilla.suse.com/1253635
- https://bugzilla.suse.com/1253643
- https://bugzilla.suse.com/1253647
- https://bugzilla.suse.com/1254119
- https://bugzilla.suse.com/1254181
- https://bugzilla.suse.com/1254221
- https://bugzilla.suse.com/1254308
- https://bugzilla.suse.com/1254315
- https://www.suse.com/security/cve/CVE-2022-50253
- https://www.suse.com/security/cve/CVE-2025-37916
- https://www.suse.com/security/cve/CVE-2025-38084
- https://www.suse.com/security/cve/CVE-2025-38085
- https://www.suse.com/security/cve/CVE-2025-38321
- https://www.suse.com/security/cve/CVE-2025-38728
- https://www.suse.com/security/cve/CVE-2025-39805
- https://www.suse.com/security/cve/CVE-2025-39819
- https://www.suse.com/security/cve/CVE-2025-39822
- https://www.suse.com/security/cve/CVE-2025-39831
- https://www.suse.com/security/cve/CVE-2025-39859
- https://www.suse.com/security/cve/CVE-2025-39897
- https://www.suse.com/security/cve/CVE-2025-39917
- https://www.suse.com/security/cve/CVE-2025-39944
- https://www.suse.com/security/cve/CVE-2025-39961
- https://www.suse.com/security/cve/CVE-2025-39980
- https://www.suse.com/security/cve/CVE-2025-39990
- https://www.suse.com/security/cve/CVE-2025-40001
- https://www.suse.com/security/cve/CVE-2025-40003
- https://www.suse.com/security/cve/CVE-2025-40006
- https://www.suse.com/security/cve/CVE-2025-40021
- https://www.suse.com/security/cve/CVE-2025-40024
- https://www.suse.com/security/cve/CVE-2025-40027
- https://www.suse.com/security/cve/CVE-2025-40031
- https://www.suse.com/security/cve/CVE-2025-40033
- https://www.suse.com/security/cve/CVE-2025-40038
- https://www.suse.com/security/cve/CVE-2025-40047
- https://www.suse.com/security/cve/CVE-2025-40053
- https://www.suse.com/security/cve/CVE-2025-40055
- https://www.suse.com/security/cve/CVE-2025-40059
- https://www.suse.com/security/cve/CVE-2025-40064
- https://www.suse.com/security/cve/CVE-2025-40070
- https://www.suse.com/security/cve/CVE-2025-40074
- https://www.suse.com/security/cve/CVE-2025-40075
- https://www.suse.com/security/cve/CVE-2025-40081
- https://www.suse.com/security/cve/CVE-2025-40083
- https://www.suse.com/security/cve/CVE-2025-40086
- https://www.suse.com/security/cve/CVE-2025-40098
- https://www.suse.com/security/cve/CVE-2025-40101
- https://www.suse.com/security/cve/CVE-2025-40102
- https://www.suse.com/security/cve/CVE-2025-40105
- https://www.suse.com/security/cve/CVE-2025-40107
- https://www.suse.com/security/cve/CVE-2025-40109
- https://www.suse.com/security/cve/CVE-2025-40110
- https://www.suse.com/security/cve/CVE-2025-40111
- https://www.suse.com/security/cve/CVE-2025-40115
- https://www.suse.com/security/cve/CVE-2025-40116
- https://www.suse.com/security/cve/CVE-2025-40118
- https://www.suse.com/security/cve/CVE-2025-40120
- https://www.suse.com/security/cve/CVE-2025-40121
- https://www.suse.com/security/cve/CVE-2025-40127
- https://www.suse.com/security/cve/CVE-2025-40129
- https://www.suse.com/security/cve/CVE-2025-40132
- https://www.suse.com/security/cve/CVE-2025-40133
- https://www.suse.com/security/cve/CVE-2025-40134
- https://www.suse.com/security/cve/CVE-2025-40135
- https://www.suse.com/security/cve/CVE-2025-40139
- https://www.suse.com/security/cve/CVE-2025-40140
- https://www.suse.com/security/cve/CVE-2025-40141
- https://www.suse.com/security/cve/CVE-2025-40142
- https://www.suse.com/security/cve/CVE-2025-40149
- https://www.suse.com/security/cve/CVE-2025-40153
- https://www.suse.com/security/cve/CVE-2025-40154
- https://www.suse.com/security/cve/CVE-2025-40156
- https://www.suse.com/security/cve/CVE-2025-40157
- https://www.suse.com/security/cve/CVE-2025-40158
- https://www.suse.com/security/cve/CVE-2025-40159
- https://www.suse.com/security/cve/CVE-2025-40161
- https://www.suse.com/security/cve/CVE-2025-40162
- https://www.suse.com/security/cve/CVE-2025-40164
- https://www.suse.com/security/cve/CVE-2025-40165
- https://www.suse.com/security/cve/CVE-2025-40166
- https://www.suse.com/security/cve/CVE-2025-40168
- https://www.suse.com/security/cve/CVE-2025-40169
- https://www.suse.com/security/cve/CVE-2025-40171
- https://www.suse.com/security/cve/CVE-2025-40172
- https://www.suse.com/security/cve/CVE-2025-40173
- https://www.suse.com/security/cve/CVE-2025-40175
- https://www.suse.com/security/cve/CVE-2025-40176
- https://www.suse.com/security/cve/CVE-2025-40177
- https://www.suse.com/security/cve/CVE-2025-40178
- https://www.suse.com/security/cve/CVE-2025-40180
- https://www.suse.com/security/cve/CVE-2025-40183
- https://www.suse.com/security/cve/CVE-2025-40185
- https://www.suse.com/security/cve/CVE-2025-40186
- https://www.suse.com/security/cve/CVE-2025-40187
- https://www.suse.com/security/cve/CVE-2025-40188
- https://www.suse.com/security/cve/CVE-2025-40192
- https://www.suse.com/security/cve/CVE-2025-40194
- https://www.suse.com/security/cve/CVE-2025-40196
- https://www.suse.com/security/cve/CVE-2025-40197
- https://www.suse.com/security/cve/CVE-2025-40198
- https://www.suse.com/security/cve/CVE-2025-40200
- https://www.suse.com/security/cve/CVE-2025-40201
- https://www.suse.com/security/cve/CVE-2025-40202
- https://www.suse.com/security/cve/CVE-2025-40203
- https://www.suse.com/security/cve/CVE-2025-40204
- https://www.suse.com/security/cve/CVE-2025-40205
- https://www.suse.com/security/cve/CVE-2025-40206
- https://www.suse.com/security/cve/CVE-2025-40207