dtb-aarch64-6.12.0-160000.33.1

- net: gro: don't merge zcopy skbs (git-fixes).
- net: skbuff: propagate shared-frag marker through frag-transfer
  helpers (CVE-2026-43503 bsc#1265960).
- net: skbuff: preserve shared-frag marker during coalescing
  (CVE-2026-46300 bsc#1265209).
- commit 68f8e8b

- Revert "net: skbuff: propagate shared-frag marker through pskb_copy()"
  This reverts commit f71c96250de20f4edf1c4beeb9d8b973a9ad6943.
- commit aaf0bdb

- Update
  patches.kabi/ptrace-slightly-saner-get_dumpable-logic-kabi-assert.patch
  (CVE-2026-46333 bsc#1265308).
- Update
  patches.kabi/ptrace-slightly-saner-get_dumpable-logic-kabi.patch
  (CVE-2026-46333 bsc#1265308).
- Update
  patches.suse/ptrace-slightly-saner-get_dumpable-logic.patch
  (CVE-2026-46333 bsc#1265308).
- commit 493e3ed

- kernel-binary: Only apply vmlinux workaround on SLE15 and later
  To create debuginfo for vmlinux the file needs to be present even if
  it's not packaged because a compressed file is packaged insteand.
  To accomplish that the file is marked as ghost in the file list. Then
  rpm does not complain that the file exists but does not package it.
  However, rpm still reserves space for ghost files when installing a
  package. To avoid reserving space for a file that is not used the file
  is truncated.
  That works on SLE 15 but on SLE 12 rpm then fails packaging the
  debuginfo complaiing that extra debuginfo files are present. Limit the
  workaround to SLE 15 and later.
  Fixes: 222edac2a18 (kernel-binary: prevent uncompressed vmlinux from inflating rpm size requirements)
- commit 1ef7451

- scsi: target: iscsi: validate CHAP_R length before base64 decode
  (bsc#1265449).
- commit 04f607e

- Refresh
  patches.suse/io-wq-check-that-the-predecessor-is-hashed-in-io_wq_remove_pending.patch.
- commit 033df25

- net: mana: Fix crash from unvalidated SHM offset read from BAR0 during FLR (bsc#1265846).
- net: mana: remove double CQ cleanup in mana_create_rxq error path (git-fixes).
- net: mana: Skip WQ object destruction for uninitialized RXQ (git-fixes).
- net: mana: check xdp_rxq registration before unreg in mana_destroy_rxq() (git-fixes).
- RDMA/mana: Fix error unwind in mana_ib_create_qp_rss() (git-fixes).
- RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss() (git-fixes).
- RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (git-fixes).
- RDMA/mana: Validate rx_hash_key_len (git-fixes).
- hv_sock: fix ARM64 support (git-fixes).
- mshv: Fix error handling in mshv_region_pin (CVE-2026-43045 bsc#1263942).
- mshv: Refactor and rename memory region handling functions (CVE-2026-43045 bsc#1263942).
- commit 6cbd7cb

- Kernel-binary: Do not truncate vmlinux when it's the boot image
  Some architectures use vmlinux to boot. Truncating vmlinux on those
  architectures causes signing failure during build. Also if the signing
  was disabled a brokne kernel would be produced.
  Fixes: 222edac2a18 (kernel-binary: prevent uncompressed vmlinux from inflating rpm size requirements)
- commit d3cf603

- perf: Fix __perf_event_overflow() vs perf_remove_from_context()
  race (bsc#1260018 CVE-2026-23271).
- commit 1c3b58a

- drivers/base/memory: fix memory block reference leak in poison
  accounting (git-fixes).
- commit c0de598

- kabi assert: ptrace: slightly saner 'get_dumpable()' logic
  (bsc#1265308).
- kabi: ptrace: slightly saner 'get_dumpable()' logic
  (bsc#1265308).
- ptrace: slightly saner 'get_dumpable()' logic (bsc#1265308).
- commit f8f4ca2

- io-wq: check that the predecessor is hashed in
  io_wq_remove_pending() (git-fixes).
- commit 7709fe4

- net: skbuff: propagate shared-frag marker through pskb_copy()
  (CVE-2026-46300 bsc#1265209).
- commit f71c962

- x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's  op cache (bsc#1264013 CVE-2025-54518).
- commit b2d5a21

- Update config files: disable unsupported CONFIG_AFS_FS and CONFIG_AF_RXRPC
- commit a035dd7

- supported.conf: drop rxrpc completely (bsc#1264450)
- commit 2dc3b0f

- xfrm: esp: avoid in-place decrypt on shared skb frags
  (bsc#1264449).
- commit afc97fe

- crypto: authencesn - Fix src offset when decrypting in-place
  (bsc#1262573 CVE-2026-31431).
- commit 66d7b47

- crypto: authencesn - Do not place hiseq at end of dst for
  out-of-place decryption (bsc#1262573 CVE-2026-31431).
- commit d5fe1c6

- crypto: authenc - use memcpy_sglist() instead of null skcipher
  (bsc#1262573 CVE-2026-31431).
- Refresh
  patches.suse/crypto-authencesn-reject-too-short-AAD-assoclen-8-to.patch
- commit 3e7ba77

- kABI: Restore af_alg_{count,pull}_tsgl() signatures (bsc#1262573
  CVE-2026-31431).
- commit 748d5b2

- kABI: Restore af_alg_{count,pull}_tsgl() signatures (bsc#1262573
  CVE-2026-31431).
- commit 748d5b2

- crypto: algif_aead - Revert to operating out-of-place
  (bsc#1262573 CVE-2026-31431).
- commit 02b8598

- crypto: algif_aead - use memcpy_sglist() instead of null skciphe
  (bsc#1262573 CVE-2026-31431).
- commit 28e785f

- kABI: Restore af_alg_{count,pull}_tsgl() signatures (bsc#1262573
  CVE-2026-31431).
- commit 748d5b2

- ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()
  (CVE-2026-23304 bsc#1260544).
- commit 51fafb4

- powerpc/crash: adjust the elfcorehdr size (jsc#PED-11175
  git-fixes).
- powerpc/kdump: Fix size calculation for hot-removed memory
  ranges (jsc#PED-11175 git-fixes).
- commit cfb9cde

- ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()
  (CVE-2026-23304 bsc#1260544).
- commit 51fafb4

- selftests/powerpc: Suppress -Wmaybe-uninitialized with GCC 15
  (bsc#1261669 ltc#212590).
- commit e7cec47

- scsi: target: Fix recursive locking in __configfs_open_file()
  (CVE-2026-23292 bsc#1260500).
- scsi: target: iscsi: Fix use-after-free in
  iscsit_dec_session_usage_count() (CVE-2026-23193 bsc#1258414).
- scsi: target: iscsi: Fix use-after-free in
  iscsit_dec_conn_usage_count() (CVE-2026-23216 bsc#1258447).
- commit f1d41b2

- xdp: produce a warning when calculated tailroom is negative
  (CVE-2026-23343 bsc#1260527).
- commit 72b74a3

- bpf, arm64: Force 8-byte alignment for JIT buffer to prevent
  atomic tearing (CVE-2026-23383 bsc#1260497).
- commit b5b5e19

- nvmet: move async event work off nvmet-wq (git-fixes).
- nvme-pci: cap queue creation to used queues (git-fixes).
- nvme-pci: ensure we're polling a polled queue (git-fixes).
- nvme-fabrics: use kfree_sensitive() for DHCHAP secrets
  (git-fixes).
- commit 5ccf382

- tg3: Fix race for querying speed/duplex (bsc#1257183).
- commit 4d083ab

- KVM: arm64: Fix ID register initialization for non-protected
  pKVM guests (CVE-2026-23425 bsc#1261506).
- commit b02fb9f

- Refresh
  patches.suse/scsi-scsi_transport_sas-Fix-the-maximum-channel-scan.patch.
- commit bf87874

- dm mpath: make pg_init_delay_msecs settable (git-fixes).
- commit b2a0fd6

- dm: clear cloned request bio pointer when last clone bio
  completes (git-fixes).
- commit d6eb6ea

- dm: remove fake timeout to avoid leak request (git-fixes).
- commit bf8f04d

- add bugnumber to existing mana change (bsc#1252266).
- net: mana: Ring doorbell at 4 CQ wraparounds (git-fixes).
- PCI: hv: remove unnecessary module_init/exit functions (git-fixes).
- PCI: hv: Remove unused field pci_bus in struct hv_pcibus_device (git-fixes).
- RDMA/mana_ib: Add device-memory support (git-fixes).
- RDMA/mana_ib: Take CQ type from the device type (git-fixes).
- net: mana: Implement ndo_tx_timeout and serialize queue resets per port (bsc#1257472).
- Drivers: hv: Always do Hyper-V panic notification in hv_kmsg_dump() (git-fixes).
- net: mana: Fix use-after-free in reset service rescan path (git-fixes).
- net: mana: Handle hardware recovery events when probing the device (bsc#1257466).
- net: mana: Drop TX skb on post_work_request failure and unmap resources (git-fixes).
- net: mana: Handle SKB if TX SGEs exceed hardware limit (git-fixes).
- net: mana: Add standard counter rx_missed_errors (git-fixes).
- commit dde91c8

- btrfs: fallback to buffered IO if the data profile has
  duplication (git-fixes).
- commit c194c61

- arm64: contpte: fix set_access_flags() no-op check for SMMU/ATS (bsc#1259329)
- commit c775b21

- selftests/bpf: add verifier sign extension bound computation
  tests (git-fixes).
- bpf: verifier improvement in 32bit shift sign extension pattern
  (git-fixes).
- commit 9625613

- hwmon: (pmbus/q54sj108a2) fix stack overflow in debugfs read
  (git-fixes).
- hwmon: (it87) Check the it87_lock() return value (git-fixes).
- commit 8d41466

- drm/xe/reg_sr: Fix leak on xa_store failure (git-fixes).
- drm/xe: Do not preempt fence signaling CS instructions
  (git-fixes).
- nouveau/dpcd: return EBUSY for aux xfer if the device is asleep
  (git-fixes).
- drm/sched: Fix kernel-doc warning for drm_sched_job_done()
  (git-fixes).
- drm/solomon: Fix page start when updating rectangle in page
  addressing mode (git-fixes).
- platform/x86: dell-wmi-sysman: Don't hex dump plaintext password
  data (git-fixes).
- pmdomain: bcm: bcm2835-power: Fix broken reset status read
  (git-fixes).
- ata: libata-core: Disable LPM on ST1000DM010-2EP102 (git-fixes).
- commit a06b327

- tracing: Fix crash on synthetic stacktrace field usage
  (CVE-2026-23088 bsc#1257814).
- commit 41fea09

- idpf: detach and close netdevs while handling a reset
  (CVE-2026-22981 bsc#1257225).
- commit 6e399ef

- KVM: nSVM: Set exit_code_hi to -1 when synthesizing SVM_EXIT_ERR
  (failed VMRUN) (git-fixes).
- commit ea24b4e

- KVM: nSVM: Clear exit_code_hi in VMCB when synthesizing nested
  VM-Exits (git-fixes).
- commit 39ff5cb

- KVM: x86: Explicitly set new periodic hrtimer expiration in
  apic_timer_fn() (git-fixes).
- commit e059ee8

- KVM: x86: WARN if hrtimer callback for periodic APIC timer
  fires with period=0 (git-fixes).
- commit 2c24d91

- platform/x86: intel_telemetry: Fix PSS event register mask
  (git-fixes).
- platform/x86: intel_telemetry: Fix swapped arrays in PSS output
  (git-fixes).
- platform/x86: toshiba_haps: Fix memory leaks in add/remove
  routines (git-fixes).
- commit 35ce7c7

- KVM: x86: Don't clear async #PF queue when CR0.PG is disabled
  (e.g. on #SMI) (git-fixes).
- commit c57db6d

- btrfs: scrub: always update btrfs_scrub_progress::last_physical
  (git-fixes).
- commit 9d5464b

- slimbus: core: Constify slim_eaddr_equal() (jsc#PED-10906
  git-fixes).
- commit 6c2c54b

- bus: fsl-mc: Constify fsl_mc_device_match() (jsc#PED-10906
  git-fixes).
- commit b3ff1a5