SUSE-SU-2026:0587-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2026/suse-su-20260587-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0587-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2026:0587-1
Upstream
Related
Published
2026-02-20T10:04:28Z
Modified
2026-03-23T04:52:23.385245Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues

The following security issues were fixed:

  • CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim (bsc#1256280).
  • CVE-2025-39880: libceph: fix invalid accesses to cephconnectionv1_info (bsc#1250388).
  • CVE-2025-40238: net/mlx5: Fix IPsec cleanup over MPV device (bsc#1254871).
  • CVE-2025-40254: net: openvswitch: remove never-working support for setting nsh fields (bsc#1254852).
  • CVE-2025-40257: mptcp: fix a race in mptcppmdeladdtimer() (bsc#1254842).
  • CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).
  • CVE-2025-40261: nvme: nvme-fc: Ensure ->ioerrwork is cancelled in nvmefcdeletectrl() (bsc#1254839).
  • CVE-2025-40264: be2net: pass wrb_params in case of OS2BMC (bsc#1254835).
  • CVE-2025-40328: smb: client: fix potential UAF in smb2closecached_fid() (bsc#1254624).
  • CVE-2025-40350: net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (bsc#1255260).
  • CVE-2025-40355: sysfs: check visibility before changing group attribute ownership (bsc#1255261).
  • CVE-2025-40363: net: ipv6: fix field-spanning memcpy warning in AH output (bsc#1255102).
  • CVE-2025-68171: x86/fpu: Ensure XFD state on signal delivery (bsc#1255255).
  • CVE-2025-68174: amd/amdkfd: enhance kfd process check in switch partition (bsc#1255327).
  • CVE-2025-68178: blk-cgroup: fix possible deadlock while configuring policy (bsc#1255266).
  • CVE-2025-68188: tcp: use dstdevrcu() in tcpfastopenactivedisableofo_check() (bsc#1255269).
  • CVE-2025-68200: bpf: Add bpfprogrundatapointers() (bsc#1255241).
  • CVE-2025-68215: ice: fix PTP cleanup on driver removal in error path (bsc#1255226).
  • CVE-2025-68227: mptcp: Fix proto fallback detection with BPF (bsc#1255216).
  • CVE-2025-68241: ipv4: route: Prevent rtbindexception() from rebinding stale fnhe (bsc#1255157).
  • CVE-2025-68245: net: netpoll: fix incorrect refcount handling causing incorrect cleanup (bsc#1255268).
  • CVE-2025-68261: ext4: add idatasem protection in ext4destroyinlinedatanolock() (bsc#1255164).
  • CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handleauthsession_key() (bsc#1255377).
  • CVE-2025-68285: libceph: fix potential use-after-free in havemonandosdmap() (bsc#1255401).
  • CVE-2025-68296: drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128).
  • CVE-2025-68297: ceph: fix crash in processv2sparse_read() for encrypted directories (bsc#1255403).
  • CVE-2025-68301: net: atlantic: fix fragment overflow handling in RX path (bsc#1255120).
  • CVE-2025-68320: lan966x: Fix sleeping in atomic context (bsc#1255172).
  • CVE-2025-68325: net/sched: schcake: Fix incorrect qlen reduction in cakedrop (bsc#1255417).
  • CVE-2025-68327: usb: renesas_usbhs: Fix synchronous external abort on unbind (bsc#1255488).
  • CVE-2025-68337: jbd2: avoid bugon in jbd2journalgetcreate_access() when file system corrupted (bsc#1255482).
  • CVE-2025-68349: NFSv4/pNFS: Clear NFSINOLAYOUTCOMMIT in pnfsmarklayoutstateidinvalid (bsc#1255544).
  • CVE-2025-68363: bpf: Check skb->transportheader is set in bpfskbcheckmtu (bsc#1255552).
  • CVE-2025-68365: fs/ntfs3: Initialize allocated memory before use (bsc#1255548).
  • CVE-2025-68366: nbd: defer config unlock in nbdgenlconnect (bsc#1255622).
  • CVE-2025-68367: macintosh/machid: fix race condition in machidtoggleemumouse (bsc#1255547).
  • CVE-2025-68372: nbd: defer config put in recv_work (bsc#1255537).
  • CVE-2025-68379: RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (bsc#1255695).
  • CVE-2025-68727: ntfs3: Fix uninit buffer allocated by __getname() (bsc#1255568).
  • CVE-2025-68728: ntfs3: fix uninit memory after failed miread in miformat_new (bsc#1255539).
  • CVE-2025-68733: smack: fix bug: unprivileged task can create labels (bsc#1255615).
  • CVE-2025-68764: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (bsc#1255930).
  • CVE-2025-68768: inet: frags: add inetfragqueue_flush() (bsc#1256579).
  • CVE-2025-68770: bnxten: Fix XDPTX path (bsc#1256584).
  • CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2findvictim_chain (bsc#1256582).
  • CVE-2025-68775: net/handshake: duplicate handshake cancellations leak socket (bsc#1256665).
  • CVE-2025-68776: net/hsr: fix NULL pointer dereference in prpgetuntagged_frame() (bsc#1256659).
  • CVE-2025-68788: fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638).
  • CVE-2025-68795: ethtool: Avoid overflowing userspace buffer on stats query (bsc#1256688).
  • CVE-2025-68798: perf/x86/amd: Check event before enable to avoid GPF (bsc#1256689).
  • CVE-2025-68800: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (bsc#1256646).
  • CVE-2025-68801: mlxsw: spectrum_router: Fix neighbour use-after-free (bsc#1256653).
  • CVE-2025-68803: nfsd: set security label during create operations (bsc#1256770).
  • CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
  • CVE-2025-68814: io_uring: fix filename leak in __ioopenatprep() (bsc#1256651).
  • CVE-2025-68815: net/sched: ets: Remove drr class from the active list if it changes to strict (bsc#1256680).
  • CVE-2025-68816: net/mlx5: fw_tracer, Validate format string parameters (bsc#1256674).
  • CVE-2025-68820: ext4: xattr: fix null pointer deref in ext4rawinode() (bsc#1256754).
  • CVE-2025-71064: net: hns3: using the num_tqps in the vf driver to apply for resources (bsc#1256654).
  • CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange (bsc#1256645).
  • CVE-2025-71077: tpm: Cap the number of PCR banks (bsc#1256613).
  • CVE-2025-71080: ipv6: fix a BUG in rt6getpcpuroute() under PREEMPTRT (bsc#1256608).
  • CVE-2025-71084: RDMA/cm: Fix leaking the multicast GID table reference (bsc#1256622).
  • CVE-2025-71085: ipv6: BUG() in pskbexpandhead() as part of calipsoskbuffsetattr() (bsc#1256623).
  • CVE-2025-71087: iavf: fix off-by-one issues in iavfconfigrss_reg() (bsc#1256628).
  • CVE-2025-71088: mptcp: fallback earlier on simult connection (bsc#1256630).
  • CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
  • CVE-2025-71091: team: fix check for port enabled in teamqueueoverrideportprio_changed() (bsc#1256773).
  • CVE-2025-71093: e1000: fix OOB in e1000tbishould_accept() (bsc#1256777).
  • CVE-2025-71094: net: usb: asix: ax88772: Increase phy_name size (bsc#1256597).
  • CVE-2025-71095: net: stmmac: fix the crash issue for zero copy XDP_TX action (bsc#1256605).
  • CVE-2025-71096: RDMA/core: Check for the presence of LSNLATYPE_DGID correctly (bsc#1256606).
  • CVE-2025-71097: ipv4: Fix reference count leak when using error routes with nexthop objects (bsc#1256607).
  • CVE-2025-71098: ip6gre: make ip6greheader() robust (bsc#1256591).
  • CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
  • CVE-2025-71116: libceph: make decode_pool() more resilient against corrupted osdmaps (bsc#1256744).
  • CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxy_verf (bsc#1256779).
  • CVE-2025-71123: ext4: fix string copying in parseapplysbmountoptions() (bsc#1256757).
  • CVE-2025-71133: RDMA/irdma: avoid invalid read in irdmanetevent (bsc#1256733).
  • CVE-2025-71135: md/raid5: fix possible null-pointer dereferences in raid5storegroupthreadcnt() (bsc#1256761).
  • CVE-2025-71137: octeontx2-pf: fix 'UBSAN: shift-out-of-bounds error' (bsc#1256760).
  • CVE-2025-71149: iouring/poll: correctly handle iopoll_add() return value on update (bsc#1257164).
  • CVE-2025-71156: gve: defer interrupt enabling until NAPI registration (bsc#1257167).
  • CVE-2025-71157: RDMA/core: always drop device refcount in ibdelsubdeviceand_put() (bsc#1257168).
  • CVE-2026-22976: net/sched: schqfq: Fix NULL deref when deactivating inactive aggregate in qfqreset (bsc#1257035).
  • CVE-2026-22977: net: sock: fix hardened usercopy panic in sockrecverrqueue (bsc#1257053).
  • CVE-2026-22984: libceph: prevent potential out-of-bounds reads in handleauthdone() (bsc#1257217).
  • CVE-2026-22990: libceph: replace overzealous BUGON in osdmapapply_incremental() (bsc#1257221).
  • CVE-2026-22991: libceph: make freechoosearg_map() resilient to partial allocation (bsc#1257220).
  • CVE-2026-22992: libceph: return the handler error from monhandleauth_done() (bsc#1257218).
  • CVE-2026-22993: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations (bsc#1257180).
  • CVE-2026-22996: net/mlx5e: Don't store mlx5epriv in mlx5edev devlink priv.
  • CVE-2026-22999: net/sched: schqfq: do not free existing class in qfqchange_class() (bsc#1257236).
  • CVE-2026-23000: net/mlx5e: Fix crash on profile change rollback failure (bsc#1257234).
  • CVE-2026-23001: macvlan: fix possible UAF in macvlanforwardsource() (bsc#1257232).
  • CVE-2026-23005: x86/fpu: Clear XSTATE_BV in guest XSAVE state whenever XFD[i]=1 (bsc#1257245).
  • CVE-2026-23011: ipv4: ipgre: make ipgreheader() robust (bsc#1257207).

The following non security issues were fixed:

  • ALSA: ctxfi: Fix potential OOB access in audio mixer handling (stable-fixes).
  • ALSA: scarlett2: Fix buffer overflow in config retrieval (git-fixes).
  • ALSA: usb-audio: Fix use-after-free in sndusbmixer_free() (git-fixes).
  • ALSA: usb-audio: Update for native DSD support quirks (stable-fixes).
  • ALSA: usb: Increase volume range that triggers a warning (git-fixes).
  • ASoC: Intel: sof_es8336: fix headphone GPIO logic inversion (git-fixes).
  • ASoC: amd: yc: Add quirk for Honor MagicBook X16 2025 (stable-fixes).
  • ASoC: codecs: wsa881x: Drop unused version readout (stable-fixes).
  • ASoC: codecs: wsa881x: fix unnecessary initialisation (git-fixes).
  • ASoC: codecs: wsa883x: fix unnecessary initialisation (git-fixes).
  • ASoC: codecs: wsa884x: fix codec initialisation (git-fixes).
  • ASoC: fsl: imx-card: Do not force slot width to sample width (git-fixes).
  • ASoC: fsl_sai: Add missing registers to cache default (stable-fixes).
  • ASoC: tlv320adcx140: fix null pointer (git-fixes).
  • ASoC: tlv320adcx140: fix word length (git-fixes).
  • Bluetooth: MGMT: Fix memory leak in setsspcomplete (git-fixes).
  • Bluetooth: hciuart: fix null-ptr-deref in hciuartwritework (git-fixes).
  • HID: usbhid: paper over wrong bNumDescriptor field (stable-fixes).
  • Input: i8042 - add quirk for ASUS Zenbook UX425QA_UM425QA (stable-fixes).
  • Input: i8042 - add quirks for MECHREVO Wujie 15X Pro (stable-fixes).
  • NFS: Fix up the automount fs_context to use the correct cred (git-fixes).
  • NFSD/blocklayout: Fix minlength check in proc_layoutget (git-fixes).
  • NFSD: Fix permission check for read access to executable-only files (git-fixes).
  • NFSD: use correct reservation type in nfsd4scsifence_client (git-fixes).
  • NFSv4: ensure the open stateid seqid doesn't go backwards (git-fixes).
  • RDMA/mana_ib: Access remote atomic for MRs (git-fixes).
  • RDMA/mana_ib: Add device statistics support (git-fixes).
  • RDMA/mana_ib: Add port statistics support (git-fixes).
  • RDMA/mana_ib: Add support of 4M, 1G, and 2G pages (git-fixes).
  • RDMA/manaib: Add support of manaib for RNIC and ETH nic (git-fixes).
  • RDMA/mana_ib: Allow registration of DMA-mapped memory in PDs (git-fixes).
  • RDMA/mana_ib: Create and destroy UD/GSI QP (git-fixes).
  • RDMA/mana_ib: Drain send wrs of GSI QP (git-fixes).
  • RDMA/mana_ib: Extend modify QP (git-fixes).
  • RDMA/mana_ib: Fix error code in probe() (git-fixes).
  • RDMA/mana_ib: Fix integer overflow during queue creation (git-fixes).
  • RDMA/mana_ib: Handle net event for pointing to the current netdev (bsc#1256690).
  • RDMA/mana_ib: Implement DMABUF MR support (git-fixes).
  • RDMA/manaib: Query featureflags bitmask from FW (git-fixes).
  • RDMA/mana_ib: UD/GSI QP creation for kernel (git-fixes).
  • RDMA/mana_ib: UD/GSI work requests (git-fixes).
  • RDMA/mana_ib: Use safer allocation function() (git-fixes).
  • RDMA/mana_ib: add additional port counters (git-fixes).
  • RDMA/mana_ib: add support of multiple ports (git-fixes).
  • RDMA/mana_ib: check cqe length for kernel CQs (git-fixes).
  • RDMA/mana_ib: create kernel-level CQs (git-fixes).
  • RDMA/mana_ib: create/destroy AH (git-fixes).
  • RDMA/mana_ib: extend mana QP table (git-fixes).
  • RDMA/mana_ib: helpers to allocate kernel queues (git-fixes).
  • RDMA/manaib: implement getdma_mr (git-fixes).
  • RDMA/manaib: implement reqnotify_cq (git-fixes).
  • RDMA/mana_ib: indicate CM support (git-fixes).
  • RDMA/mana_ib: polling of CQs for GSI/UD (git-fixes).
  • RDMA/mana_ib: request error CQEs when supported (git-fixes).
  • RDMA/mana_ib: support of the zero based MRs (git-fixes).
  • RDMA/manaib: unify manaib functions to support any gdma device (git-fixes).
  • Revert 'nfc/nci: Add the inconsistency check between the input data length and count' (git-fixes).
  • USB: OHCI/UHCI: Add soft dependencies on ehci_platform (stable-fixes).
  • USB: serial: ftdi_sio: add support for PICAXE AXE027 cable (stable-fixes).
  • USB: serial: option: add Telit LE910 MBIM composition (stable-fixes).
  • ata: libata: Add cprlog to atadevprintfeatures() early return (git-fixes).
  • bpf/selftests: testselectreuseport_kern: Remove unused header (bsc#1257603).
  • bpf: Do not let BPF test infra emit invalid GSO types to stack (bsc#1255569).
  • bs-upload-kernel: Fix cve branch uploads.
  • btrfs: do not strictly require dirty metadata threshold for metadata writepages (stable-fixes).
  • can: ctucanfd: fix SSP_SRC in cases when bit-rate is higher than 1 MBit (git-fixes).
  • can: emsusb: emsusbreadbulk_callback(): fix URB memory leak (git-fixes).
  • can: etas_es58x: allow partial RX URB allocation to succeed (git-fixes).
  • can: gsusb: gsusbreceivebulk_callback(): fix error message (git-fixes).
  • can: gsusb: gsusbreceivebulkcallback(): unanchor URL on usbsubmit_urb() error (git-fixes).
  • can: j1939: make j1939sessionactivate() fail if device is no longer registered (stable-fixes).
  • can: kvaserusb: kvaserusbreadbulk_callback(): fix URB memory leak (git-fixes).
  • can: mcbausb: mcbausbreadbulk_callback(): fix URB memory leak (git-fixes).
  • can: usb8dev: usb8devreadbulk_callback(): fix URB memory leak (git-fixes).
  • cifs: Fix copy offload to flush destination region (bsc#1252511).
  • cifs: Fix flushing, invalidation and file size with copyfilerange() (bsc#1252511).
  • cifs: add new field to track the last access time of cfid (git-fixes).
  • cifs: after disabling multichannel, mark tcon for reconnect (git-fixes).
  • cifs: avoid redundant calls to disable multichannel (git-fixes).
  • cifs: cifspickchannel should try selecting active channels (git-fixes).
  • cifs: deal with the channel loading lag while picking channels (git-fixes).
  • cifs: dns resolution is needed only for primary channel (git-fixes).
  • cifs: do not disable interface polling on failure (git-fixes).
  • cifs: do not search for channel if server is terminating (git-fixes).
  • cifs: fix a pending undercount of srv_count (git-fixes).
  • cifs: fix lock ordering while disabling multichannel (git-fixes).
  • cifs: fix stray unlock in cifschanskipordisable (git-fixes).
  • cifs: fix use after free for iface while disabling secondary channels (git-fixes).
  • cifs: handle servers that still advertise multichannel after disabling (git-fixes).
  • cifs: handle when server starts supporting multichannel (git-fixes).
  • cifs: handle when server stops supporting multichannel (git-fixes).
  • cifs: make cifschanupdate_iface() a void function (git-fixes).
  • cifs: make sure server interfaces are requested only for SMB3+ (git-fixes).
  • cifs: make sure that channel scaling is done only once (git-fixes).
  • cifs: reconnect worker should take reference on server struct unconditionally (git-fixes).
  • cifs: reset connections for all channels when reconnect requested (git-fixes).
  • cifs: reset iface weights when we cannot find a candidate (git-fixes).
  • cifs: serialize other channels when query server interfaces is pending (git-fixes).
  • cifs: update dstaddr whenever channel iface is updated (git-fixes).
  • comedi: Fix getting range information for subdevices 16 to 255 (git-fixes).
  • comedi: dmm32at: serialize use of paged registers (git-fixes).
  • comedi: fix divide-by-zero in comedibufmunge() (stable-fixes).
  • cpuset: fix warning when disabling remote partition (bsc#1256794).
  • crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (git-fixes).
  • dmaengine: apple-admac: Add 'apple,t8103-admac' compatible (git-fixes).
  • dmaengine: athdmac: fix device leak on ofdma_xlate() (git-fixes).
  • dmaengine: bcm-sba-raid: fix device leak on probe (git-fixes).
  • dmaengine: dw: dmamux: fix OF node leak on route allocation failure (git-fixes).
  • dmaengine: idxd: fix device leaks on compat bind and unbind (git-fixes).
  • dmaengine: lpc18xx-dmamux: fix device leak on route allocation (git-fixes).
  • dmaengine: omap-dma: fix dma_pool resource leak in error paths (git-fixes).
  • dmaengine: qcom: gpi: Fix memory leak in gpiperipheralconfig() (git-fixes).
  • dmaengine: sh: rz-dmac: Fix rzdmacterminate_all() (git-fixes).
  • dmaengine: tegra-adma: Fix use-after-free (git-fixes).
  • dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation (git-fixes).
  • dmaengine: ti: dma-crossbar: fix device leak on dra7x route allocation (git-fixes).
  • dmaengine: ti: k3-udma: fix device leak on udma lookup (git-fixes).
  • dmaengine: xilinx: xdma: Fix regmap max_register (git-fixes).
  • dmaengine: xilinxdma: Fix uninitialized addrwidth when 'xlnx,addrwidth' property is missing (git-fixes).
  • dpll: Prevent duplicate registrations (git-fixes).
  • dpll: fix device-id-get and pin-id-get to return errors properly (git-fixes).
  • dpll: fix return value check for kmemdup (git-fixes).
  • dpll: indent DPLL option type by a tab (git-fixes).
  • dpll: spec: add missing module-name and clock-id to pin-get reply (git-fixes).
  • drm/amd/display: Apply e4479aecf658 to dml (stable-fixes).
  • drm/amd/display: Bump the HDMI clock to 340MHz (stable-fixes).
  • drm/amd/display: Fix DP no audio issue (stable-fixes).
  • drm/amd/display: Initialise backlight level values from hw (git-fixes).
  • drm/amd/display: Respect user's CONFIGFRAMEWARN more for dml files (stable-fixes).
  • drm/amd/display: shrink struct members (stable-fixes).
  • drm/amd/pm: Don't clear SI SMC table when setting power limit (git-fixes).
  • drm/amd/pm: Workaround SI powertune issue on Radeon 430 (v2) (git-fixes).
  • drm/amd/pm: fix race in power state check before mutex lock (git-fixes).
  • drm/amd/pm: fix smu overdrive data type wrong issue on smu 14.0.2 (git-fixes).
  • drm/amd: Clean up kfd node on surprise disconnect (stable-fixes).
  • drm/amdgpu: Fix condexec handling in amdgpuib_schedule() (git-fixes).
  • drm/amdgpu: Fix query for VPE blocktype and ipcount (stable-fixes).
  • drm/amdgpu: fix NULL pointer dereference in amdgpugmcfilterfaultsremove (git-fixes).
  • drm/amdgpu: remove frame cntl for gfx v12 (stable-fixes).
  • drm/amdkfd: Fix improper NULL termination of queue restore SMI event string (stable-fixes).
  • drm/amdkfd: fix a memory leak in devicequeuemanager_init() (git-fixes).
  • drm/imagination: Wait for FW trace update command completion (git-fixes).
  • drm/imx/tve: fix probe device leak (git-fixes).
  • drm/msm/a6xx: fix bogus hwcg register updates (git-fixes).
  • drm/nouveau/disp/nv50-: Set lockcore in curs507aprepare (git-fixes).
  • drm/nouveau/disp: Set drmmodeconfigfuncs.atomic(check|commit) (stable-fixes).
  • drm/nouveau: add missing DCB connector types (git-fixes).
  • drm/nouveau: implement missing DCB connector types; gracefully handle unknown connectors (git-fixes).
  • drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel (git-fixes).
  • drm/radeon: Remove _countedby from ClockInfoArray.clockInfo[] (stable-fixes).
  • drm/vmwgfx: Fix an error return check in vmwcompatshader_add() (git-fixes).
  • drm/vmwgfx: Merge vmwborelease and vmwbofree functions (git-fixes).
  • exfat: check return value of sbminblocksize in exfatreadboot_sector (git-fixes).
  • exfat: fix remount failure in different process environments (git-fixes).
  • gpio: omap: do not register driver in probe() (git-fixes).
  • gpio: pca953x: Add support for level-triggered interrupts (stable-fixes).
  • gpio: pca953x: Utilise deverrprobe() where it makes sense (stable-fixes).
  • gpio: pca953x: Utilise temporary variable for struct device (stable-fixes).
  • gpio: pca953x: fix wrong error probe return value (git-fixes).
  • gpio: pca953x: handle short interrupt pulses on PCAL devices (git-fixes).
  • gpio: rockchip: Stop calling pinctrl for set_direction (git-fixes).
  • ice: use netifgetnumdefaultrss_queues() (bsc#1247712).
  • iio: accel: iis328dq: fix gain values (git-fixes).
  • iio: adc: ad7280a: handle spi_setup() errors in probe() (git-fixes).
  • iio: adc: ad9467: fix ad9434 vref mask (git-fixes).
  • iio: adc: at91-sama5d2adc: Fix potential use-after-free in sama5d2adc driver (git-fixes).
  • iio: dac: ad5686: add AD5695R to ad5686chipinfo_tbl (git-fixes).
  • iio: imu: stlsm6dsx: fix iiochan_spec for sensors without event detection (git-fixes).
  • intel_th: fix device leak on output open() (git-fixes).
  • leds: led-class: Only Add LED to leds_list when it is fully ready (git-fixes).
  • lib/crypto: aes: Fix missing MMU protection for AES S-box (git-fixes).
  • mISDN: annotate data-race around dev->work (git-fixes).
  • mei: me: add nova lake point S DID (stable-fixes).
  • mei: me: add wildcat lake P DID (stable-fixes).
  • mm, page_alloc, thp: prevent reclaim for _GFPTHISNODE THP allocations (bsc#1253087 bsc#1254447).
  • mmc: rtsxpcisdmmc: implement sdmmccardbusy function (git-fixes).
  • mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode (git-fixes).
  • net: can: j1939: j1939xtprxrtssession_active(): deactivate session upon receiving the second rts (git-fixes).
  • net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473).
  • net: mana: Add metadata support for xdp mode (git-fixes).
  • net: mana: Add standard counter rxmissederrors (git-fixes).
  • net: mana: Add support for auxiliary device servicing events (git-fixes).
  • net: mana: Change the function signature of managetprimarynetdevrcu (bsc#1256690).
  • net: mana: Drop TX skb on postworkrequest failure and unmap resources (git-fixes).
  • net: mana: Fix use-after-free in reset service rescan path (git-fixes).
  • net: mana: Fix warnings for missing export.h header inclusion (git-fixes).
  • net: mana: Handle Reset Request from MANA NIC (git-fixes).
  • net: mana: Handle SKB if TX SGEs exceed hardware limit (git-fixes).
  • net: mana: Handle hardware recovery events when probing the device (git-fixes).
  • net: mana: Handle unsupported HWC commands (git-fixes).
  • net: mana: Move hardware counter stats from per-port to per-VF context (git-fixes).
  • net: mana: Probe rdma device in mana driver (git-fixes).
  • net: mana: Reduce waiting time if HWC not responding (git-fixes).
  • net: mana: fix spelling for managdderegiser_irq() (git-fixes).
  • net: tcp: allow zero-window ACK update the window (bsc#1254767).
  • net: usb: dm9601: remove broken SR9700 support (git-fixes).
  • net: wwan: t7xx: fix potential skb->frags overflow in RX path (git-fixes).
  • nfc: llcp: Fix memleak in nfcllcpsenduiframe() (git-fixes).
  • nfc: nci: Fix race between rfkill and nciunregisterdevice() (git-fixes).
  • nfsd: Drop the client reference in clientstatesopen() (git-fixes).
  • nvme: nvme-fc: move tagset removal to nvmefcdelete_ctrl() (git-fixes).
  • nvmet-auth: update sc_c in host response (git-fixes).
  • nvmet-auth: update sc_c in target host hash calculation (git-fixes).
  • of: fix reference count leak in ofaliasscan() (git-fixes).
  • of: platform: Use default match table for /firmware (git-fixes).
  • phy: freescale: imx8m-pcie: assert phy reset during power on (stable-fixes).
  • phy: rockchip: inno-usb2: fix communication disruption in gadget mode (git-fixes).
  • phy: rockchip: inno-usb2: fix disconnection in gadget mode (git-fixes).
  • phy: stm32-usphyc: Fix off by one in probe() (git-fixes).
  • phy: tegra: xusb: Explicitly configure HSDISCONLEVEL to 0x7 (git-fixes).
  • platform/x86/amd: Fix memory leak in wbrf_record() (git-fixes).
  • platform/x86: hp-bioscfg: Fix automatic module loading (git-fixes).
  • platform/x86: hp-bioscfg: Fix kernel panic in GETINSTANCEID macro (git-fixes).
  • platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names (git-fixes).
  • pnfs/flexfiles: Fix memory leak in nfs4ffallocdeviceidnode() (git-fixes).
  • powercap: fix race condition in registercontroltype() (stable-fixes).
  • powercap: fix sscanf() error return value handling (stable-fixes).
  • powerpc/addnote: Fix overflow on 32-bit builds (bsc#1215199).
  • regmap: Fix race condition in hwspinlock irqsave routine (git-fixes).
  • sched/rt: Skip group schedulable check with rtgroupsched=0 (bsc#1256568).
  • sched: Increase schedtickremote timeout (bsc#1254510).
  • scripts/python/gitsort/gitsort.yaml: add cifs for-next repository.
  • scripts: obsapi: Support URL trailing / in oscrc.
  • scripts: teaapi: Add paging.
  • scripts: uploader: Fix no change condition for _maintainership.json.
  • scripts: uploader: Handle missing upstream in ispropen.
  • scrits: teaapi: Add list_repos.
  • scsi: lpfc: Rework lpfcsli4fcfrrnextindexget() (bsc#1256861).
  • scsi: lpfc: Update lpfc version to 14.4.0.13 (bsc#1256861).
  • scsi: qla2xxx: Add Speed in SFP print information (bsc#1256863).
  • scsi: qla2xxx: Add bsg interface to support firmware img validation (bsc#1256863).
  • scsi: qla2xxx: Add load flash firmware mailbox support for 28xxx (bsc#1256863).
  • scsi: qla2xxx: Add support for 64G SFP speed (bsc#1256863).
  • scsi: qla2xxx: Allow recovery for tape devices (bsc#1256863).
  • scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1256863).
  • scsi: qla2xxx: Fix bsg_done() causing double free (bsc#1256863).
  • scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1256863).
  • scsi: qla2xxx: Query FW again before proceeding with login (bsc#1256863).
  • scsi: qla2xxx: Update version to 10.02.10.100-k (bsc#1256863).
  • scsi: qla2xxx: Validate MCU signature before executing MBC 03h (bsc#1256863).
  • scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1256863).
  • scsi: storvsc: Process unsupported MODESENSE10 (bsc#1257296).
  • selftests/bpf: Fix flaky bpf_cookie selftest (git-fixes).
  • selftests: net: fib-onlink-tests: Convert to use namespaces by default (bsc#1255346).
  • serial: 8250_pci: Fix broken RS485 for F81504/508/512 (git-fixes).
  • slimbus: core: fix OF node leak on registration failure (git-fixes).
  • slimbus: core: fix device reference leak on report present (git-fixes).
  • slimbus: core: fix ofslimget_device() kernel doc (git-fixes).
  • slimbus: core: fix runtime PM imbalance on report present (git-fixes).
  • smb3: add missing null server pointer check (git-fixes).
  • smb: change return type of cacheddirlease_break() to bool (git-fixes).
  • smb: client: ensure opencacheddirbydentry() only returns valid cfid (git-fixes).
  • smb: client: fix cifspickchannel when channel needs reconnect (git-fixes).
  • smb: client: fix warning when reconnecting channel (git-fixes).
  • smb: client: introduce closecacheddir_locked() (git-fixes).
  • smb: client: remove unused fid_lock (git-fixes).
  • smb: client: short-circuit in opencacheddirbydentry() if !dentry (git-fixes).
  • smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748 bsc#1257154).
  • smb: client: update cfid->lastaccesstime in opencacheddirbydentry() (git-fixes).
  • smb: improve directory cache reuse for readdir operations (bsc#1252712).
  • spi: spi-sprd-adi: Fix double free in probe error path (git-fixes).
  • spi: sprd-adi: switch to use spiallochost() (stable-fixes).
  • spi: sprd: adi: Use devmregisterrestart_handler() (stable-fixes).
  • svcrdma: return 0 on success from svcrdmacopyinlinerange (git-fixes).
  • uacce: ensure safe queue release with state management (git-fixes).
  • uacce: fix cdev handling in the cleanup path (git-fixes).
  • uacce: fix isolate sysfs check condition (git-fixes).
  • uacce: implement mremap in uaccevmops to return -EPERM (git-fixes).
  • usb: core: add USBQUIRKNO_BOS for devices that hang on BOS descriptor (stable-fixes).
  • usb: dwc3: Check for USB4 IP_NAME (stable-fixes).
  • usbnet: limit maxmtu based on device's hardmtu (git-fixes).
  • w1: fix redundant counter decrement in w1attachslave_device() (git-fixes).
  • w1: therm: Fix off-by-one buffer overflow in alarms_store (git-fixes).
  • wifi: ath10k: fix dmafreecoherent() pointer (git-fixes).
  • wifi: ath12k: fix dmafreecoherent() pointer (git-fixes).
  • wifi: mac80211: correctly decode TTLM with default link map (git-fixes).
  • wifi: mac80211: don't perform DA check on S1G beacon (git-fixes).
  • wifi: mwifiex: Fix a loop in mwifiexupdateampdu_rxwinsize() (git-fixes).
  • wifi: rsi: Fix memory corruption due to not set vif driver data size (git-fixes).
  • x86/microcode/AMD: Add TSA microcode SHAs (bsc#1256528).
  • x86/microcode/AMD: Add Zen5 model 0x44, stepping 0x1 minrev (bsc#1256528).
  • x86/microcode/AMD: Add more known models to entry sign checking (bsc#1256528).
  • x86/microcode/AMD: Add some forgotten models to the SHA check (bsc#1256528).
  • x86/microcode/AMD: Clean the cache if update did not load microcode (bsc#1256528).
  • x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any unreleased standalone Zen5 microcode patches (bsc#1256528).
  • x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256528).
  • x86/microcode/AMD: Fix __applymicrocodeamd()'s return value (bsc#1256528).
  • x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1256528).
  • x86/microcode/AMD: Load only SHA256-checksummed patches (bsc#1256528).
  • x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256528).
  • x86/microcode: Fix Entrysign revision check for Zen1/Naples (bsc#1256528).
  • x86: make page fault handling disable interrupts properly (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Live Patching 15 SP7
kernel-livepatch-SLE15-SP7-RT_Update_9

Package

Name
kernel-livepatch-SLE15-SP7-RT_Update_9
Purl
pkg:rpm/suse/kernel-livepatch-SLE15-SP7-RT_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1-150700.1.3.2

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-livepatch-6_4_0-150700_7_31-rt": "1-150700.1.3.2"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0587-1.json"
SUSE:Real Time Module 15 SP7
kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150700.7.31.2

Ecosystem specific 

{
    "binaries": [
        {
            "ocfs2-kmp-rt": "6.4.0-150700.7.31.2",
            "gfs2-kmp-rt": "6.4.0-150700.7.31.2",
            "kernel-rt": "6.4.0-150700.7.31.2",
            "kernel-rt-devel": "6.4.0-150700.7.31.2",
            "kernel-source-rt": "6.4.0-150700.7.31.1",
            "cluster-md-kmp-rt": "6.4.0-150700.7.31.2",
            "kernel-devel-rt": "6.4.0-150700.7.31.1",
            "kernel-syms-rt": "6.4.0-150700.7.31.1",
            "dlm-kmp-rt": "6.4.0-150700.7.31.2"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0587-1.json"
kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150700.7.31.1

Ecosystem specific 

{
    "binaries": [
        {
            "ocfs2-kmp-rt": "6.4.0-150700.7.31.2",
            "gfs2-kmp-rt": "6.4.0-150700.7.31.2",
            "kernel-rt": "6.4.0-150700.7.31.2",
            "kernel-rt-devel": "6.4.0-150700.7.31.2",
            "kernel-source-rt": "6.4.0-150700.7.31.1",
            "cluster-md-kmp-rt": "6.4.0-150700.7.31.2",
            "kernel-devel-rt": "6.4.0-150700.7.31.1",
            "kernel-syms-rt": "6.4.0-150700.7.31.1",
            "dlm-kmp-rt": "6.4.0-150700.7.31.2"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0587-1.json"
kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.4.0-150700.7.31.1

Ecosystem specific 

{
    "binaries": [
        {
            "ocfs2-kmp-rt": "6.4.0-150700.7.31.2",
            "gfs2-kmp-rt": "6.4.0-150700.7.31.2",
            "kernel-rt": "6.4.0-150700.7.31.2",
            "kernel-rt-devel": "6.4.0-150700.7.31.2",
            "kernel-source-rt": "6.4.0-150700.7.31.1",
            "cluster-md-kmp-rt": "6.4.0-150700.7.31.2",
            "kernel-devel-rt": "6.4.0-150700.7.31.1",
            "kernel-syms-rt": "6.4.0-150700.7.31.1",
            "dlm-kmp-rt": "6.4.0-150700.7.31.2"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0587-1.json"