The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2025-38704: rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer (bsc#1254408).
- CVE-2025-39880: ceph: fix race condition validating r_parent before applying state (bsc#1250388).
- CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252046).
- CVE-2025-40042: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (bsc#1252861).
- CVE-2025-40123: bpf: Enforce expected_attach_type for tailcall compatibility (bsc#1253365).
- CVE-2025-40130: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling
- CVE-2025-40160: xen/events: Cleanup find_virq() return codes (bsc#1253400).
- CVE-2025-40167: ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458).
- CVE-2025-40170: net: use dst_dev_rcu() in sk_setup_caps() (bsc#1253413).
- CVE-2025-40179: ext4: verify orphan file size is not too big (bsc#1253442).
- CVE-2025-40190: ext4: guard against EA inode refcount underflow in xattr update (bsc#1253623).
- CVE-2025-40214: af_unix: Initialise scc_index in unix_add_edge() (bsc#1254961).
- CVE-2025-40215: xfrm: delete x->tunnel as we delete x (bsc#1254959).
- CVE-2025-40218: mm/damon/vaddr: do not repeat pte_offset_map_lock() until success (bsc#1254964).
- CVE-2025-40220: fuse: fix livelock in synchronous file put from fuseblk workers (bsc#1254520).
- CVE-2025-40231: vsock: fix lock inversion in vsock_assign_transport() (bsc#1254815).
- CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813).
- CVE-2025-40237: fs/notify: call exportfs_encode_fid with s_umount (bsc#1254809).
- CVE-2025-40238: net/mlx5: Fix IPsec cleanup over MPV device (bsc#1254871).
- CVE-2025-40239: net: phy: micrel: always set shared->phydev for LAN8814 (bsc#1254868).
- CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075).
- CVE-2025-40246: xfs:...