Description of the patch:
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2026-23254: net: gro: fix outer network offset (bsc#1259884).
- CVE-2026-23303: smb: client: Don't log plaintext credentials in cifs_set_cifscreds (bsc#1260502).
- CVE-2026-23327: cxl/mbox: validate payload size before accessing
contents in cxl_payload_from_user_allowed() (bsc#1260548).
- CVE-2026-23438: net: mvpp2: guard flow control update with global_tx_fc in buffer switching (bsc#1261619).
- CVE-2026-31396: net: macb: fix use-after-free access to PTP clock (bsc#1261791).
- CVE-2026-31401: HID: bpf: prevent buffer overflow in hid_hw_request (bsc#1261603).
- CVE-2026-31446: ext4: fix use-after-free in update_super_work when racing with umount (bsc#1262619).
- CVE-2026-31448: ext4: avoid infinite loops caused by residual data (bsc#1262622).
- CVE-2026-31454: xfs: save ailp before dropping the AIL lock in push callbacks (bsc#1262624).
- CVE-2026-31455: xfs: stop reclaim before pushing AIL during unmount (bsc#1262615).
- CVE-2026-31518: esp: fix skb leak with espintcp and async crypto (bsc#1262606).
- CVE-2026-31546: net: bonding: fix NULL deref in bond_debug_rlb_hash_show (bsc#1263006).
- CVE-2026-31556: xfs: scrub: unlock dquot before early return in quota scrub (bsc#1263062).
- CVE-2026-31562: drm/mediatek: dsi: Store driver data before invoking mipi_dsi_host_register (bsc#1263058).
- CVE-2026-31584: media: mediatek: vcodec: fix use-after-free in encoder release path (bsc#1263180).
- CVE-2026-31645: net: lan966x: fix page pool leak in error paths (bsc#1263794).
- CVE-2026-31648: mm: filemap: fix nr_pages calculation overflow in filemap_map_pages() (bsc#1263579).
- CVE-2026-31655: pmdomain: imx8mp-blk-ctrl: Keep the NOC_HDCP clock enabled (bsc#1263724).
- CVE-2026-31671: xfrm_user: fix info leak in build_report() (bsc#1263115).
- CVE-2026-31683: batman-adv: avoid OGM aggregation when skb tailroom is...